UPS Stores are having their own stressful moments in terms of hacking attacks and potential security headaches for customers. Naked Security reports that “Data breaches at 51 UPS Stores in two dozen U.S. states have put as many as 100,000 customers at risk of identity theft and credit card fraud, after malware was found on the stores’ networks, the company said.” The UPS Store – a subsidiary of global shipping service UPS – began checking after receiving a bulletin from the U.S. Department of Homeland Security “warning of a ‘broad-based malware intrusion’ targeting retailers.” Unfortunately, it found malware on the stores’ point-of-sale registers, “similar although not necessarily related to the attack on Target in late 2013.” If not eternal, lets apply contemporary vigilance, folks.
From the Miller School of Medicine at the University of Miami Health System comes one of the most comprehensive listings of security precautions, both physical and environmental, that we’ve seen. Appropriately, the list begins with the physical security perimeter and extends all the way down to “secure disposal or re-use of property.”
Scan the Miller list to get a sense of what you might be missing in terms of a full-featured site security system. While it doesn’t include vehicle access control expressly, it’s pretty full-bodied.
There’s a new, well-intended app out that could, however, do with some second thoughts. It’s called Hero911 and is intended, says Homeland Security Watch, “to reduce law enforcement response time to active shooting incidents at schools.” Schools work with local police to set up use of the app. But in practice, Homeland Security Watch wonders, could it prompt response by, say, an off-duty policeman before an on-duty colleague arrives? And suppose the on-duty cop starts shooting at…his colleague, thinking he’s the shooter?
Ghastly? Yes, likely, maybe. We’ve got to think through, really think through, all sorts of security situations these days.
The best way to keep on top of electronic security threats is to follow reports on what’s been harassing computer systems. That may seem self-evident, but an infographic on Information Week’s Dark Reading blog shows how to “Get Smart About Threat Intelligence.”
Study the display for a while and you’ll find you have lots of sophisticated company in figuring out how to thwart or avoid altogether computer security attacks. The infographic is sponsored by Symantec.
This hasn’t to do with physical security, unless you consider that the availability of physically fit people is important to any security system. And the reality for America is that too many of its people are, to put it bluntly, obese. Homeland Security Watch (HSW) considers the fitness threat to U.S. interests.
“Some people (e.g., several hundred retired admirals and generals) argue obesity threatens both the security and resilience of the nation,” HSW advises. “Obesity” it adds, “threatens more than the nation’s ability to staff its armed forces. It’s an economic threat,” as well as a factor in U.S. mortality rates. Spread, dare we say, the word.
AlertID and the National Crime Prevention Council have partnered to create a smartphone app – McGruff Mobile – that advises of crime threats in your neighborhood. (The council is home to McGruff the Crime Dog himself.)
Available for iPhone and Android, the app provides alerts from trustworthy sources as well as law enforcement bulletins, severe weather and hazardous materials alerts and more. It can act as a virtual neighborhood watch, and allows you to report suspicious activity to neighbors, the police and even Homeland Security.
Bruce Schneier figures that the U.S. intelligence community has not one leaker – Edward Snowden – but three of them. Schneier thinks there’s a source in Germany as well as one at the National Terrorist Screening Database (NTSD).
Incidentally, CNN says that the cities with the most names on the NTSD list are New York, Dearborn (MI), Houston, San Diego, and Chicago. Dearborn, CNN notes, has one of the nation’s biggest concentrations of Arab and Muslim populations.
Thought it interesting to note that a provider of security cameras, SightLogix, is furnishing its SightSensor video analytic thermal cameras to “a major Class 1 railroad,” not further identified, of course. “The advanced video detection technology is being funded through the Federal Emergency Management Agency’s 2011 Freight Rail Security Grant Program,” SightLogix advises.
“Funds are allocated to freight railroad carriers that own railways in order to strengthen their ability to protect against threats, and to maintain the rail security of critical surface infrastructure such as bridges and tunnels.”
Don’t be too awed by what you may have heard about those new computerized cars. The more automated and “networked” a car becomes, the more hackable it becomes too, InformationWeek’s DarkReading blog advises.
“The researchers studied in-depth the automated and networked functionality in modern vehicle models,” Dark Reading advises, “analyzing how an attacker could potentially access a car’s Bluetooth, telematics, or on-board phone app, for example, and using that access to then control the car’s physical fetures, such as automated parking, steering, and braking.”
Some scenarios would require the attacker to be near the targeted car, but “telematics-borne attacks could occur from much farther away, the researchers say.” Try all this on your next new car salesman!
Aware of how important cyber security has become to the nation’s functioning, the U.S. House of Representatives has passed three cyber protection bills, as discussed on Government Security News by John Wagley, executive editor.
One of he most important features of the three bills to protect critical infrastructure is that they were passed in a spirit of bipartisanship, by representatives who took a responsive look at the nation’s post-9/11 security needs. Good news from Capitol Hill!