Doug Bedell — February 12, 2016, 1:18 pm

Hazards of Email ‘Phishing’ – Know the Dangers

The Security Metrics blog provides a tutorial on “Phishing Email Scams,” a means of telling which emails are legitimate, if not entirely welcome, and those which are merely malware. Obviously, it’s important to know the difference. But how many of us really do?

Here’s what can happen when we don’t: “Some phishing emails will have the victim click on a link, which introduces malware to the user’s device. The malware can then grant access to the attacker, leaving them free to steal sensitive data. Not nice. But skullduggerry like this doesn’t invalidate the use of email. It’s important, however, to become reasonably well-advised on the hazards.

Doug Bedell — February 10, 2016, 11:13 am

Security Climate Still Poor As 2016 Advances

The U.S. security climate evidently isn’t getting any better. A post on In Homeland Security advises that “six terror-related arrests in five different states have already occurred in 2016.”

“The Islamist terror threat remains alarmingly high as recent arrests and terror plots demonstrate. ISIS recruits wage war in our communities, while thousands of deadly fighters trained in Syria stream back into the West – some of them infiltrating massive refugee flows,” stated Chairman Michael McCaul of the House Homeland Security Committee. “ISIS continues its global expansion on the shores of the Mediterranean Sea and the still-dangerous al Qaeda in the Arabian Peninsula seizes greater territory in Yemen.”

Doug Bedell — February 8, 2016, 12:38 pm

Mikko Hypponen, Virus Hunter


Here’s something of what we’re up against in defending computer security. Safe & Savvy presents a year-by-year “rogues gallery” of computer viruses as selected by Mikko Hypponen, “one of the world’s most prominent cyber security experts.”

Hypponen “has spent nearly 25 years with F-Secure protecting people from computer viruses, worms, trojans, and other types of malware…” He knows the virus scene which, sadly, is highly populated.

Doug Bedell — February 5, 2016, 11:53 am

Super Bowl Getting Tightest Sporting Security Ever

Super Bowl 50 this Sunday in Santa Clara, CA, will be “the most highly guarded sporting event in U.S. history,” In Homeland Security reports.

“An estimated 1 million football fans will descend upon the San Francisco Bay Area this weekend,” In Homeland Security advises, “in addition to the millions of people who already live there. Street parties, celebrations, and other festivities are all planned in and around one of the largest metropolitan areas in the United States. It’s that kind of magnitude that prompted the U.S. Department of Homeland Security to classify Super Bowl 50 as a ‘Level 1 Special Event’ i.e., a possible terrorism target. That means the implementation of multiple, coordinated tactics including explosive-detecting measures, a SWAT team, undercover agents, and even simulated airspace intrusions by the U.S. Air Force. And, that’s just the beginning…”

Doug Bedell — February 3, 2016, 1:04 pm

Army Seeking Effective Drone Defense

The U.S. Army is taking the threat of attacks by drones seriously enough to look for a system to defend against them. That means, possibly, that down the road operators of other large-perimeter sites may also be checking out drone defense too.

So far, reports that the leading candidate appears to be the DroneDefender, a system made by Battelle. “The DroneDefender,” advises, “a shoulder-fired weapon that looks like something out of a bad science-fiction movie, uses radio waves to cut the link between the drone and its controller…” Ready, aim…down that drone!

Doug Bedell — February 1, 2016, 11:35 am

A Talk By a Top ‘Hacker’

Bruce Schneier advises that the National Security Agency (NSA) made Rob Joyce, head of NSA’s Tailored Access Operations (TAO) group – “basically the country’s chief hacker” – available for a public speaking assignment recently. Schneier provides summaries of Joyce’s talk and speculates on why he was permitted to give it.

Doug Bedell — January 29, 2016, 9:09 am

Pointers From DHS On Maintaining Data Privacy

Yesterday was Data Privacy Day, and the Department of Homeland Security had a highly pertinent post on protecting personal and business information on the Internet. So, a day later, we’re calling your attention to it – it’s actually timeless.

The last bullet point is a digital age reiteration of an eternal caution: “Think before you act. Be wary of communications that offer something that sounds too good to be true…”

Doug Bedell — January 27, 2016, 11:50 am

Opportunity Via the Cyber Security Act

The recently enacted Cyber Security Information Sharing Act (CISA) was prompted by legitimate concerns over computer-based information privacy.

Still, notes In Homeland Security, now it’s time for issuing the implementing guidelines. And each of the federal agencies involved “must prepare to respond to each and every concern raised by the privacy mavens. Therein may lie the real historical significance of CISA.

“After all, there’s a larger debate going on in our world, which hinges around the equally compelling priorities of security and privacy; of our survival as a society, and of the basic human rights that make surviving worth the bother. CISA in and of itself will not, of course, resolve those mega-issues, yet it does at least provide one more opportunity to thrash out the issues, to find workable common ground among competing interests, and to begin to define best practices that can keep us both freer and safer.”

Doug Bedell — January 25, 2016, 1:33 pm

How the Security Industry’s Leadership is Changing

No industry stays the same over time in terms of its priorities and people. And security is no exception in this regard. To prove it, Security InfoWatch reports on “The changing face of the security industry.”

‘While many organizations’ executive-level security positions have historically been filled by those with law enforcement or military experience,” InfoWatch writer Joel Griffin reports, “there is a growing contingent of young security industry professionals who come from very diverse backgrounds and possess a wide variety of skill sets.” Read on.

Doug Bedell — January 22, 2016, 12:07 pm

Vehicle Barriers As Prime Site Protectors

The Intersec blog gives high priority to controlling vehicle access among the means of insuring a secure building site.

“Even if people have easy access to your site,” Richard McKeon writes on Intersec, “controlling vehicle access can make a big contribution to minimising loss.”