Security News Curated from across the world
One major fear of port officials throughout the world is that an oil tanker could be commandeered and used as a weapon of mass destruction, said Alex Genin, chief executive and president of VIP Systems.
SkyPort International, a secure broadband satellite communications provider that is working with VIP on the system, has a contract with one company that had a vessel commandeered by pirates on the open seas in Asia.
http://www.chron.com/disp/story.mpl/business/3858026.html
The US With a high number of Internet connections and a rich history of Web- and computer-literate criminals, the US is understandably the major focus for much of the discussion into the current global problem of cyber crime. For example, according to Spamhaus, the US is not only responsible for more spam than any other nation, it is actually far worse than the rest of the current top 10 put together.
Though much US spam has traditionally travelled via China, the US does certainly harbour some of the most prolific spammers in the world, as well as the world’s three worst ISPs for relaying spam, says Spamhaus.
That ISP figure points towards a hidden menace which further blurs the boundaries of cyber crime — the sheer number of PCs that have been compromised and are churning out spam and malware unbeknownst to their owners.
China China leads the way in terms of originating Internet attacks, accounting for just over one-quarter of all reports last year of Internet attacks and probes, according to Kaspersky Labs.
Russia and the Baltic States Despite the popular myth that ‘The Russians’ are the greatest threat to Internet security, Russia accounted for only two percent of Internet attacks and probes last year. The eponymous founder of Kaspersky Labs blames the stereotype on the American media, suggesting propaganda and political point-scoring has done little to paint a clearer picture of which countries are responsible for what kinds of attacks. Nonetheless, the reputation of Russia and the Baltic States has certainly been tarnished in recent years by a growing trend towards blackmail with threats of denial of service attacks.
And while this is in no way unique to these parts of the former Soviet Union — as all crimes, if successful, will develop a global appeal — experts claim it is a crime that was pioneered in the region — though targets were often based in the US or Western Europe.
Europe also has a very active hacker network and recent years have seen a number of European virus writers arrested in relation to serious attacks. As with the US, Europe is also guilty of relaying a great deal of malware infections via unguarded home PCs and large ISPs, though this may see Europeans cast as the ‘mule’ rather than the criminal at source.
Take West Africa, which has become synonymous with electronic fraud in the wake of so-called 419 e-mail scams and other Internet-based fraud originating from Nigeria.
South America has seen many instances of Web site defacements and although these are a worldwide problem it is certainly a hotbed for this type of activity.
In less politically stable regions, such as the Middle East, we have seen several Web sites vandalised as well as sites defaced with a political message — often called ‘hacktivism’, though this is small scale and lacks the severity of impact that other attacks have. Similarly the use of Trojans and other spying technologies appears to have found some popularity in Israel but again it is far from unique to the one country.
In conclusion, while it is worth identifying the most obvious and most serious trends in global cyber crime, we must realise it is never going to be as straightforward as assuming the battle lines are drawn as clearly as the national boundaries on the map.
http://www.zdnet.com.au/insight/security/soa/A_globetrotter_s_guide_to_cyber_crime/0,39023764,39255969,00.htm
Identify fraud and theft costs the community an estimated $1 billion every year.
http://www.computerworld.com.au/index.php/id;1149476917;fp;16;fpid;0
“We hear many credit union prospects say they can’t imagine a hacker would want to target them because they are small,” said Ramsey. “I believe these findings illustrate how important it is for all financial organizations to be diligent and thorough in implementing and maintaining a strong, defense-in depth IT security plan,” continued Ramsey.
http://www.it-observer.com/news/6270/credit_unions_attacked_by_hackers_more_than_banks/
EMC said Kashya’s software will extend EMC’s software portfolio for remote replication across environments consisting of different operating systems, including Windows, Linux and different flavors of Unix.
The Hopkinton, Mass., company, whose software license and maintenance revenue jumped 11 percent to $925 million in the most recent quarter, believes making its software portfolio more granular will help it lure more customers while keeping its current clients.
http://www.internetnews.com/infra/article.php/3604826
“Most companies are sitting ducks,” says Nancy Flynn, founder and executive director of the ePolicy Institute. “They don’t realize that E-mail is the electronic equivalent of DNA evidence.”
Bill Gates wasn’t thinking about that when he sent messages to Microsoft executives in 1996 discussing the need for the company to increase its share of the Web browser market. Two years later, he had to explain his written statements under oath when the federal government accused the company of violating antitrust laws when it crushed Netscape in the Web browser market. Watching Gates squirm–and grab headlines–in a court case involving E-mail should have been fair warning to all business executives and other high-ranking officials to exercise greater caution when writing E-mails.
Failure to get a handle on E-mail–and soon instant messages and blogs and other forms of business communications–can cost companies money and their reputations. Morgan Stanley learned that lesson the hard way. It’s been hit with millions of dollars in Securities and Exchange Commission and court fines as well as legal judgments for violating E-mail retention rules. And it’s been embarrassed by archived mail introduced in a wrongful termination case that showed, among other things, its CTO hitting up vendors for tickets to sporting events.
Many industries have regulations such as the Health Insurance Portability and Accountability Act in health care, and all public companies are governed by Sarbanes-Oxley. “The first thing my clients want to see now is E-mail and E-mail attachments,” says Eric Blank, managing attorney of law firm Blank Law & Technology, which specializes in electronic evidence detection. If a company has to review millions of pages of E-mail, legal fees of $300 an hour can quickly add up to hundreds of thousands of dollars.
The average company creates at least a million messages each day, Forrester Research estimates. But technology tools and services can help companies monitor and manage that E-mail, including specialized archiving, retrieval, and discovery software.
Blank turned to archiving software from Postini to sort through the messages, eliminate the captured spam, and create files of relevant E-mail for use in regulatory compliance.
Transatlantic Reinsurance, a provider of insurance to the insurance industry, operates within a “very litigious environment, as the insurance industry is highly scrutinized,” says Socrates Pichardo, VP of IT. The company was receiving numerous search requests from its IT and legal teams that required the manual review of thousands of E-mails. The offering lets customers automate information collection and archiving and avoid the “save everything” strategy by saving only what needs to be saved.
Consultants offer advice on classification and policy services, records management and assessment, E-mail archiving assessment, tape restoration and migration planning, and data erasure.
Businesses in the past year have shifted their attention from border security to regulatory compliance, so the services company needs to help its customers retain messages for compliance reasons as well as preserve other valuable communications.
http://www.informationweek.com/news/showArticle.jhtml?articleID=187200562