Last week, the U.S. Department of Transportation’s Federal Aviation Administration released its first road map outlining safety measures for unmanned aircraft systems (UAS), also known as “drones.” The 66-page document addresses policies, regulations, technologies and procedures that will be required for use of commercial drones in national airspace.
Drones are typically used by federal, state and local government agencies, as well as universities conducting research. The Department of Homeland Security uses drones for border monitoring; NASA and the National Oceanic and Atmospheric Administration use them for atmospheric research; while Virginia Tech uses drones for mapping agricultural diseases.
The road map explains that developing minimum standards for sense-and-avoid technology, monitoring control and communications, and finding ways to ensure that UAVs can comply with air traffic control visual clearances and instructions are among the challenges yet to be overcome.
Posted on Nov 14, 2013 at 8:11 AM | 1 comment
The convenience USB drives offer for portable storage is well known. But so is the potential security threat.
Devices can easily be lost or stolen, putting agency data at risk, or used to deliberately take data from an agency, as Edward Snowden did. They can even be used to introduce malware to a network: A 2011 penetration test by the Homeland Security Department found that 60 percent of USB drives deliberately left in agency and contractor parking lots were picked up and inserted into network computers.
In a recent blog post, Chris LaPoint, vice president of product management at SolarWinds, offered three basic steps agencies can take to ensure USB drive security:
Monitor and track network activity. Unusual activity can indicate breaches or USB-introduced malware.
Use a secure managed file transfer system. These Web-based systems control access through virtual folders, eliminating the need for physical media and allowing for active monitoring.
Use a USB defender tool. These provide real-time alerts whenever a USB drive is in use, and block usage if a malicious attack is detected.
Government agencies have struggled with how to balance the convenience of portable storage devices with the security risks they create. In fact, the Defense Department instituted a ban on these devices for two years, which was eventually lifted in favor of regulated use. Sound precautionary measures, and use of products such as encrypted USB drives, can help agencies store and share their data efficiently.
Posted on Nov 12, 2013 at 7:43 AM | 0 comments
Microsoft’s monthly Patch Tuesday update includes a fix for a recently discovered zero-day vulnerability in Internet Explorer that the company said was being exploited. The flaw is present in all versions of Windows from XP through the most recent version, 8.1.
The security company FireEye said it had found exploits of the flaw carried out against IE 7, 8, 9 and 10, on PCs running XP or Windows 7, Computerworld reported. FireEye said the exploits were part of a watering hole campaign involving an infected website in the United States. The company didn’t identify the site but said it focused on domestic and international security policy.
Watering hole attacks are becoming popular among malicious actors as an alternative to attacks such as spear phishing. Like spear phishing, they’re highly targeted, but instead of sending someone a targeted email that will try to induce them to click on a link to an infected site, watering hole attacks pick sites their targets are likely to visit, infect the site and then lie in wait. When the target — either an individual or someone from a targeted group — visits the site, the user's computer can be compromised.
The exploit FireEye found was unusual because it was designed to erase itself when the PC is rebooted, Darien Kindlund, the company’s manager of threat intelligence, told Computerworld. Such an attack is harder to detect because it leaves no trace after the restart, but it also means that the attackers must have operators on hand to take advantage when a target, likely identified by its IP address, visits the site.
Posted on Nov 12, 2013 at 11:10 AM | 0 comments
As if HealthCare.gov didn’t already have enough problems of its own, researchers at Arbor Networks have found a denial-of-service attack tool that targets the site, the main federal health care exchange website.
“Destroy Obama Care!” exhorts the writer of the tool, a self-styled American patriot. “ObamaCare is an affront to the Constitutional rights of the people. We HAVE the right to CIVIL disobedience!”
“It’s pretty lame,” said Marc Eisenbarth, manager of the Arbor Security Engineering & Response Team (ASERT).
An analysis of the tool concluded that it is unlikely to succeed in affecting the availability of the site, and Eisenbarth said that there is no indication that it has been used or that the problems being experienced at HealthCare.gov are anything other than self-inflicted.
The tool at one time was available for download on several sites but has since disappeared. “It’s basically gone,” Eisenbarth said, although no exhaustive search for it has been done.
It was found by ASERT through monitoring of peer-to-peer networks using algorithms to detect politically motivated attacks. The anti-ObamaCare tool was interesting more for its motives and rhetoric than for its content, Eisenbarth said. Rather than using any of the available off-the-shelf DDoS attack tools, the author developed it in Delphi, a language that often is traced to Russia, although that does not appear to be the case this time. Each copy of the tool opens multiple links that make repeated layer 7 -- application layer -- requests to the site, alternating between the URLs for the site’s home page and the contact page.
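The request pattern described above is easy to pick out of web server access logs. The following is an added example, not code from Arbor Networks or the original post: it scores each client on how closely its requests alternate between two watched pages. The paths, thresholds, log layout and sample lines are assumptions constructed for illustration, and the lines are assumed to come from one short time window.

```python
import re
from collections import defaultdict

# Assumed paths: the article names the home and contact pages but not their URLs.
WATCHED = {"/", "/contact"}
# Simplified common-log-format matcher: client IP and request path.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" \d{3}')

def alternation_score(paths):
    """Fraction of consecutive request pairs that flip between the two watched pages."""
    if len(paths) < 2:
        return 0.0
    flips = sum(1 for a, b in zip(paths, paths[1:])
                if a in WATCHED and b in WATCHED and a != b)
    return flips / (len(paths) - 1)

def flag_clients(log_lines, min_requests=20, min_score=0.9):
    """Return {client_ip: score} for clients whose traffic is a near-pure ping-pong."""
    by_client = defaultdict(list)
    for line in log_lines:
        m = LINE.match(line)
        if m:
            # Drop any query string so cache-busting parameters do not hide the loop.
            by_client[m.group(1)].append(m.group(2).split("?")[0])
    flagged = {}
    for ip, paths in by_client.items():
        score = alternation_score(paths)
        if len(paths) >= min_requests and score >= min_score:
            flagged[ip] = round(score, 2)
    return flagged

def sample_log():
    """Constructed sample: one looping client, one ordinary visitor (documentation IPs)."""
    fmt = '{ip} - - [08/Nov/2013:12:00:{s:02d} -0500] "GET {p} HTTP/1.1" 200 512'
    lines = [fmt.format(ip="203.0.113.7", s=i % 60, p="/" if i % 2 == 0 else "/contact")
             for i in range(40)]
    browse = ["/", "/plans", "/plans/compare", "/contact", "/", "/faq"] * 4
    lines += [fmt.format(ip="198.51.100.23", s=i % 60, p=p) for i, p in enumerate(browse)]
    return lines

if __name__ == "__main__":
    print(flag_clients(sample_log()))
```

The ordinary visitor also touches both watched pages, but only 4 of its 23 consecutive request pairs flip between them, so it falls well below the threshold.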
The author claims that the tool is intended only to deny service to users of the site “and perhaps overload and crash the system,” and that “it has no virus, trojans, worms or cookies.” Eisenbarth said ASERT found no malicious code in it.
ASERT notified the Centers for Medicare and Medicaid Services, which administers the site, and the Homeland Security Department about the tool, and got a callback from DHS. “We talked them off the ledge,” Eisenbarth said.
Posted on Nov 08, 2013 at 12:04 PM | 1 comment
The Homeland Security Department and FBI have warned police, fire departments and security personnel that Android users running out-of-date operating systems on their devices pose a significant security threat to their organizations, NetworkWorld reported.
In the July memo, which was “for official use only” and therefore not widely circulated, DHS said “industry reporting” showed that 44 percent of Android users were still using versions 2.3.3 through 2.3.7 of the OS, known as “Gingerbread,” which were released in 2011 and carried a number of security flaws that were repaired in subsequent versions.
“The growing use of mobile devices by federal, state and local authorities makes it more important than ever to keep mobile OS[es] patched and up-to-date,” the notice said.
DHS cited three threats to those carrying devices with obsolete Android OSes and outlined a mitigation tactic for each:
Text message Trojans account for about half of the malware on older Android devices, DHS said. A common exploit sends texts to premium rate phone numbers owned by criminals and results in high charges to the user. Security suites are now available to knock out the threat, according to the memo.
This is hidden malware that logs a user’s locations, keystrokes or passwords without the user’s knowledge. DHS recommended installing the Carrier IQ test free app that can find and remove the malware.
Fake Google Play domains
Users should install and update antivirus software to knock out these exploits, which trap users into installing apps that let hackers get at financial data and log-in credentials, DHS warned.
Posted on Nov 06, 2013 at 11:23 AM | 0 comments