May 29, 2007
According to new research, while 87 percent of organizations are confident that they can deal with viruses, spam and malware, only 35 percent feel they are able to deal with the prospect of lost data. What’s more, 73 percent of those questioned believed they could lose their jobs if a significant breach came to light.
The research study, undertaken by KACE Networks, declared that frontline IT staff are not empowered or sufficiently expert to make important decisions about IT security.
More on ComputerWeekly.com
May 23, 2007
Investigators looking into the leakage of US Aegis missile defense data in Japan now believe that more American military secrets may have been leaked by an officer of the Japanese armed forces. Apparently, it now seems that lost data includes top-secret information on the Standard Missile-3 interceptors and Link 16 system, which is used to share information from reconnaissance satellites.
The officer in question claims to have inadvertently copied the secret information to a removable media device when sharing pornography with a fellow soldier (an excuse that certainly earns top marks for originality!).
Although it is unclear how far the data may have leaked, this episode is likely to hurt American-Japanese military relations and is rumored to be causing trouble to Japan’s planned purchase of American F-22 Raptor fighter jets.
In the latest development, Japanese police raided a navy school in Hiroshima, confiscating PCs and a range of storage devices.
May 21, 2007
Jessica Lynn Quintana, a former contractor at the USA’s Los Alamos National Laboratory, has pleaded guilty to copying confidential documents onto a USB thumb drive and taking it home. Los Alamos is one of two laboratories in the United States where classified work towards the design of nuclear weapons is undertaken.
On Oct.17, officers of the Los Alamos Police Department executed a state search warrant on Quintana’s home and seized the thumb drive containing classified information. Quintana faces a maximum of one year in jail and a $100,000 fine. She has lost her security clearance and also could receive up to five years of probation.
Last week, the government announced that an FBI intelligence analyst stole classified information from the White House and the FBI’s own database for nearly four years. Leandro Aragoncillo, who had served under two vice presidents in the White House, pleaded guilty and is awaiting his sentencing this summer.
More on DarkReading.com
May 10, 2007
On the same day we reported the theft of a National Health Service (NHS) laptop resulting in the possible ID theft of 30,000 employees, one WatchYourEnd contributor found himself on an evening train home from London sat opposite what appeared to be a senior NHS manager (it said “Property of NHS” on his laptop, anyway).
Imagine our man’s surprise then, when said manager got up and left his PC unattended on the table for 10 minutes while he visited the buffet car, took a stroll, or whatever takes 10 minutes on a commuter train! Let’s just think about that again; on the same day the media critizes the organization for losing 30,000 records, a staff member leaves his computer open for anyone to steal or otherwise tamper with on a train…
Let’s just say the temptation for our man to insert a USB drive loaded with “slurpaudit.exe” into the guy’s computer was tough to resist. Maybe we would have found another 30,000 records for the NHS to worry about.
According to Sophos, a new Worm has emerged which uses USB sticks or similar removable media devices as its main form of propagation. The so-called SillyFD-AA worm copies itself to a USB stick and then creates an autorun file which is triggered every time the host device is plugged into a PC.
This method of Worm transmission is designed to bypass increasingly-tough gateway or perimeter defenses by hitting the PC directly. As such, companies that don’t manage device connections to their corporate PCs are especially at risk.
