2015-06-05







June 5, 2015

Corporate Security

"U.S. Suspects Hackers in China Breached About 4 Million People's Records, Officials Say"

"IRS Takes Step to Tighten Security for Tax System"

"IoT Devices Entering Enterprises, Opening Company Networks to Attacks"

"Execs Admit 'Blind Spots' Hurt Network Security: Report"

"Heartland's New Breach"

Homeland Security

"U.S. Surveillance in Place Since 9/11 Is Sharply Limited"

"China Says It Could Set Up Air Defense Zone in South China Sea"

"Doomed China Boat Had Been Cited for Safety Issues"

"U.S. Met Secretly With Yemen Rebels"

"Boston Officials Move Quickly to Share Video in Terrorism Suspect's Shooting"

Cyber Security

"Hunting for Hackers, NSA Secretly Expands Internet Spying at U.S. Border"

"U.S. Officials Warn of Encrypted Communications by Extremists"

"IRS Chief: Tax Thieves Not Just in Russia"

"Israeli Cybersecurity Chief Focused on Future Threats"

"Local Businesses Protect Others From Cyber Security Threats"

U.S. Suspects Hackers in China Breached About 4 Million People's Records, Officials Say
Wall Street Journal (06/05/15) Barrett, Devlin; Yadron, Danny; Paletta, Damian

U.S. officials say that the personal records of as many as 4 million people have been compromised in what is one of the most far-reaching breaches of federal government computers. The FBI is probing the breach, which was detected at the Office of Personnel Management (OPM) in April. It is unclear what particular data was stolen in the breach, though officials say that it could be used for identity fraud. It is also unclear how many of those affected by the breach are current or former federal employees. OPM estimates that there are currently 4.2 million federal employees. The Department of Homeland Security (DHS) says that it detected the breach in part through its Einstein intrusion detection and prevention system, which located the breach in the data center operated by the Department of the Interior, which is used by several different federal agencies. Federal officials and private investigators at FireEye say they are confident that the breach was the work of state-backed hacking units in China. Researchers at iSight Partners Inc. are investigating possible links between the OPM breach and recent major breaches of U.S. healthcare companies such as Anthem Inc. and Premera Blue Cross.

IRS Takes Step to Tighten Security for Tax System
Wall Street Journal (06/03/15) McKinnon, John D.

The IRS could soon announce an agreement with tax-preparation companies on how to tighten security within the tax system. This agreement is expected to involve improved authentication of those people who use tax-filing systems, a stronger ability for the industry to check for fraud, and the ability to communicate those trends to the IRS. Identity thieves had obtained prior-year tax-return data for more than 100,000 households from an IRS website. IRS Commissioner John Koskinen said that agency officials expect to reach an agreement on “short-term solutions” to better protect taxpayers' personal information, while working on more long-term solutions for tax-system security. Sen. Orrin Hatch (R-Utah), chairman of the Senate Finance Committee, and Sen. Bill Nelson (D-Fla.) also plan to work together to push legislation that would give the IRS more weapons to fight refund fraud. Koskinen suggested that Congress could speed up the timelines for employers to submit wage and tax statements to the IRS, and provide more funding to the agency, but he acknowledged that there was no one solution to the problem.

IoT Devices Entering Enterprises, Opening Company Networks to Attacks
Help Net Security (06/03/15)

OpenDNS' 2015 Internet of Things (IoT) in the Enterprise Report found specific security risks associated with those devices, including the fact that IoT devices are prevalent in highly regulated industries, and that the infrastructure supporting those devices is vulnerable to well-known and patchable security flaws. The report also found IoT devices are actively penetrating industries such as healthcare, energy infrastructure, government, financial services, and retail. IoT devices present three principal risks to organizations: the introduction of new avenues for potential remote exploitation of networks; the infrastructure used to enable IoT devices is beyond both the user and IT's control; and IT's often casual approach to IoT device management can leave devices unmonitored and unpatched. Some networks hosting IoT data are vulnerable to highly publicized, patchable flaws, according to the report. Finally, a survey of more than 500 IT and security professionals found 23 percent of respondents have no mitigating controls in place to prevent someone from connecting unauthorized devices to an organization's networks. "This report shows conclusively that IoT devices are making their way into our corporate networks, but are not up to the same security standards to which we hold enterprise endpoints or infrastructure," says OpenDNS' Andrew Hay.

Execs Admit 'Blind Spots' Hurt Network Security: Report
ZDNet (06/01/15) Osborne, Charlie

Many C-level executives believe that their network infrastructure is safe, but more admit that only enhanced network visibility will improve security, according to a new report by network security analytics firm RedSeal. Among more than 350 executives, nearly 60 percent said they can "truthfully assure the board beyond a reasonable doubt" that their organization is secure. Data breaches, however, are becoming increasingly common against companies of all sizes, and are expected to cost the global economy as much as $2 trillion in the next five years. Only 32 percent of survey respondents claimed to have full visibility into their global network, and 86 percent admitted to gaps in their ability to see and understand what is really going on inside the network. Seventy-nine percent of executives admit to network blindness hindering security efforts, and 29 percent said they knew "for a fact" their network was currently under attack by cybercriminals. Although nearly half of respondents said security is strategic to their business, 72 percent assert that security products, such as antivirus software and monitoring systems, have no strategic value. "Security is a strategic, top-level issue, and it needs to be treated as such by the entire organization," said Ray Rothrock, chairman and CEO of RedSeal. "The network is the business."

Heartland's New Breach
BankInfoSecurity.com (06/01/15) Kitten, Tracy

Heartland Payment Systems has reported a new data breach that may be even more damaging than a 2008 hack that exposed 130 million U.S. credit and debit cards. The latest breach -- the result of physical theft at its Santa Ana, Calif., office -- involves payroll information, including bank account details, that was stored and processed by Heartland. "It won't get the attention the breach of their credit card service got, but it's probably more serious," says Gartner analyst Avivah Litan. "For years, no one has reacted or paid attention to the breach of payroll data or taxpayer information, even though the loss of this kind of information is so much more serious to a consumer than credit cards. With credit cards, we are all protected, and the cards can be reissued." Litan says new account fraud and bank account takeover, among other things, are real possibilities. "There's no network there, like MasterCard or Visa, to review things like they do for suspicious card activity," says Litan. "If someone starts taking money out of my bank account, there is nothing [that can be done] about it, unless I can prove that someone has stolen my identity."

U.S. Surveillance in Place Since 9/11 Is Sharply Limited
New York Times (06/03/15) P. A1 Steinhauer, Jennifer; Weisman, Jonathan

In spite of strong opposition from its majority leader, the Senate on Tuesday approved a bill to limit the federal government's surveillance of American phone records. President Obama signed the measure hours later. Storage of those records now lies with the phone companies, and the government must petition the Foreign Intelligence Surveillance Court for permission to search them. The legislation is meant both to limit aspects of the government's data-collection authority and to examine the workings of the secret national security court. For the first time, the Foreign Intelligence Surveillance Court must declassify some of its most significant decisions, and outside voices will be allowed to argue before the court for privacy rights in some cases. Some critics of the legislation, however, say that the government still has too much power to intrude on individuals' lives. Although security threats have multiplied since the surveillance programs began, increasing privacy concerns have altered public opinion. In the record-collection program's nearly 14 years of existence, studies have found no evidence that it had ever helped prevent a terrorist attack.

China Says It Could Set Up Air Defense Zone in South China Sea
New York Times (06/01/15) Wong, Edward

During a question-and-answer session at the annual Shangri-La security conference in Singapore on Sunday, Chinese Adm. Sun Jianguo, deputy chief of staff of the People's Liberation Army, said that China could set up a so-called air defense identification zone above disputed areas of the South China Sea. Jianguo said that China had not decided to definitely create such a zone, but that such a decision would be based on an aerial threat assessment and the maritime security situation. The establishment of such a zone would be seen as a significant provocation by the United States. China declared such a zone over waters disputed by it and Japan in the East China Sea, which prompted the U.S. to fly B-52 bombers through the zone to challenge Beijing. In his statement at the security conference this weekend, U.S. Defense Secretary Ashton Carter reiterated his earlier demands that China and other nations in the region stop their land reclamation efforts in the South China Sea. He then left the conference on Sunday and traveled to Vietnam, visiting naval and Coast Guard facilities in the city of Haiphong. Carter told reporters there that the U.S. and Vietnam will sign a "joint vision statement" on Monday and that the U.S. was planning to provide Vietnam with $18 million towards the purchase of patrol ships.

Doomed China Boat Had Been Cited for Safety Issues
USA Today (06/03/15) Diebel, Matthew

A Chinese cruise ship that capsized in the Yangtze River with more than 450 passengers had been cited for safety violations two years ago. The Eastern Star capsized late June 1 and potentially stands to be China's deadliest maritime disaster in 70 years. Only 14 people have been found alive, and the ship's captain and chief engineer have been detained by police. The safety report from 2013 noted dozens of violations upon inspection, and even mentioned that the crew did not know how to put on life jackets. The crew also failed to impart basic safety information to the passengers, most of whom were elderly tourists. State-owned CCTV said that the 250-foot-long ship overturned in a cyclone with winds of up to 80 miles per hour. Around 180 navy divers are expected to search the area for survivors. If more survivors are not found, the disaster would be China's deadliest since the SS Kiangya sank off Shanghai in 1948, killing between 2,750 and 4,000 people.

U.S. Met Secretly With Yemen Rebels
Wall Street Journal (06/02/15) Solomon, Jay; Fitch, Asa

Top U.S. officials met secretly with Yemen's Houthi rebels last week in a bid to secure the release of Americans held by the rebels and to press for a cease-fire. The meeting took place north of Yemen in the Gulf Sultanate of Oman and resulted in the release of American freelance journalist Casey Coombs, who had been held by the Houthis since mid-May. The U.S. delegation, led by State Department official Anne Patterson and U.S. ambassador to Yemen Matthew Tueller, also took the opportunity to press the Houthis to stop firing on Saudi Arabian positions along the country's shared border with Yemen. A Saudi-led regional military coalition has been bombing Houthi positions for weeks in an effort to reestablish the government ousted by the rebels earlier this year. There are still three U.S. nationals being held by the Houthis, and U.S. officials say that characterizing their situation is difficult. They do not appear to be hostages, as the Houthis have made no demands related to them. The Houthis act as and view themselves as a government, not a rebel force, and claim they have legitimately detained the U.S. nationals. They claim, for example, to have detained Coombs because his residence visa had expired.

Boston Officials Move Quickly to Share Video in Terrorism Suspect's Shooting
New York Times (06/05/15) P. A14 Seelye, Katharine Q.

After a black Muslim man was shot and killed in Boston by police and the FBI, law-enforcement officials attempted to prevent unrest by sharing the information quickly with civic and religious leaders. The man, 26-year-old Usaama Rahim, had been under surveillance for possible terrorism. After Rahim was shot, his brother wrote a post on his Facebook page that accused police of shooting Rahim in the back. The post's popularity encouraged police officials to contact civic, civil rights, and Christian and Muslim leaders to tell them that the suspect had attacked officers with a large knife. Boston police commissioner, William Evans, and the Suffolk County district attorney, Daniel F. Conley, gathered a select group of people who were shown a video from a surveillance camera near the shooting. Since police shootings of black men have set off violence and racial strife across the country, many local authorities have tried to resolve potential tensions as quickly as possible. A lack of information in other cities, such as Ferguson, Mo., has often encouraged unrest.

Hunting for Hackers, NSA Secretly Expands Internet Spying at U.S. Border
New York Times (06/05/15) P. A1 Savage, Charlie; Angwin, Julia; Larson, Jeff; et al.

Classified documents show that the Obama administration has expanded the National Security Agency's (NSA's) warrantless surveillance of Americans' international Internet traffic to find signs of malicious computer hacking. In 2012, lawyers for the Justice Department wrote two secret memos that allowed NSA to begin searches on Internet cables, without a warrant and on U.S. soil. These searches, permitted without public notice or debate, included traffic that flows to suspicious Internet addresses or contains malware. The department only allowed NSA to monitor addresses and “cybersignatures” that could be tied to foreign governments, but the classified NSA documents note that the agency sought permission to target hackers even without established links to foreign powers. It is unclear how NSA is choosing its surveillance targets. The disclosures are based on documents provided by former NSA contractor Edward J. Snowden, and come at a time of increased cyberattacks and increased scrutiny of legal justifications for broad government surveillance. The Senate passed legislation this week that limits some of NSA's authority, but the measure applied to provisions in the U.S.A. Patriot Act, not the warrantless wiretapping program.

U.S. Officials Warn of Encrypted Communications by Extremists
Associated Press (06/03/15) Tucker, Eric

On June 3, U.S. law enforcement officials expressed concern about the growing use of encrypted communication and private messaging by supporters of the Islamic State. Officials said the technology was complicating efforts to monitor terror suspects. They added that some Islamic State supporters are exploiting social media platforms and are shielding their messages from law enforcement. Michael Steinbach, head of the FBI's counterterrorism division, said some social media companies build their business model around end-to-end encryption and "there is no ability currently for us to see that" communication. He added that evolving technologies were outpacing laws that allow law enforcement to intercept communications by suspects.

IRS Chief: Tax Thieves Not Just in Russia
The Hill (06/02/15) Becker, Bernie

John Koskinen, the IRS commissioner, and Russell George, the Treasury inspector general for tax administration, both said that hackers who stole personal taxpayer information were not based solely in Russia. During a hearing, Koskinen noted that the criminals had not hacked the IRS's main systems, which process tax returns. He added that private companies are battling similar issues. Additionally, he said the IRS would announce a new partnership with tax software companies this month, aimed at battling identity theft. Still, George said the IRS deserved some of the blame, noting that the agency had not completed dozens of security upgrades recommended by the inspector general. However, Koskinen said the agency is doing its best to increase cybersecurity measures as it faces a dwindling budget.

Israeli Cybersecurity Chief Focused on Future Threats
Wall Street Journal (06/03/15) Paletta, Damian

Eviatar Matania, the head of the Israeli National Cyber Bureau, said the country has launched a strategy to prevent increasingly sophisticated computer attacks, warning that terrorist networks could expand their capabilities in the next three to five years. Matania is in Washington meeting with business groups and policy makers as Israel tries to bolster coordination in the cybersecurity field and increase investors. Next year, Israel will create a new National Cybersecurity Authority and Matania will play a lead role in the agency's development. He said Israeli government offices and businesses have faced constant cyberattacks and these have included attempted hacks against "critical infrastructure" in Israel, such as the electrical grid. Matania warned that Iran's use of cyberattacks could become more dangerous.

Local Businesses Protect Others From Cyber Security Threats
News & Advance (VA) (06/01/15) Ruiter, Jason

McAfee, a computer security software company, reports that 20 percent of cyber attacks are on businesses with 250 or fewer employees. A 2014 study by the National Cyber Security Alliance (NCSA) states that six in 10 businesses do not have a contingency plan if they are breached. Earlier this year, the Lynchburg Regional Chamber of Commerce website was hacked. Christine Kennedy, chamber president, said that they were in the middle of upgrading the site and converting to a different web database when hackers took advantage. Another business in Virginia faced an attempted breach, but it was from an IP address that was traced back to the Korean peninsula. Robert New, CEO of New Forensic Technologies, said the attempt was a "brute force attack," characterized as a barrage of messages sent to a company with the goal of crashing its firewall. New said, "If they're not protecting themselves, it's not if it's going to happen, it's when." According to the NCSA, about two-thirds of businesses are not concerned about cyber threats.

Abstracts Copyright © 2015 Information, Inc. Bethesda, MD

ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.
