Security

SOCA e-crime chief wants closer realtionship with business to combat cyber threat

Serious Organised Crime Agency (Soca) Head of e-crime, Sharon Lemon, is warning that cyber crime is so widespread it features in nearly every criminal investigation.

The Continuity Forum and City Police just a week ago broadcast the same warnings at the IT security threat briefing held in conjunction with IBM.

Lemon said that computer technology was extensively used by criminals and it was vital that each of the UK's police forces had the ability to tackle it. She said: "It needs more awareness and in the year 2008 e-crime is not a specialist crime anymore, it is something that is spreading out to take in all of organised crime. "These people find each other over the internet, they use encryption to protect their data. It is about making sure that everybody in law enforcement understands that e-crime is part of their daily business."

Hundreds of actors found themselves hired for an unusual performance earlier this month - faking illness. The actors, part of the USA's largest ever terrorism drill, played people suffering from the effects of a biological agent.

"THE INTERNATIONAL TERRORIST THREAT TO THE UK"

200 cells, 1600 people, 30 plots. Are you doing enough to prepare?

Dame Eliza Manningham-Buller, the Director General of the Security Service, gave a speech at Queen Mary College, London on 9 November 2006 in which she warned of the continuing threat of terrorism and described how the Security Service and others were combating it.

She was addressing an invited audience of academics, students and journalists as a guest of Professor Peter Hennessy, Attlee Professor of Contemporary British History on behalf of the Mile End Group. The Group is an arm of the Mile End Institute for the Study of British Government, Intelligence and Society.

Have the lessons of 7/7 been learnt?

The Management of Health and Safety at Work Regulations 1999 require employers to develop procedures to deal appropriately with serious and imminent danger, and to nominate sufficient numbers of competent persons to activate those procedures. Employers should consider all potential dangers, e.g. fire, public disorder etc.

This should therefore include terrorism, bomb threats and electronic attack, such as computer viruses. All emergency procedures have to be written down and effectively communicated to all personnel on the premises. The person who has been designated as the competent person responsible for procedures should be clearly identified and his or her role, responsibilities and authority detailed.

IAEA show 300 siezures in 3 years

SEIZURES of smuggled radioactive material capable of making a terrorist "dirty bomb" have doubled in the past four years, according to official figures seen by The Times.

Smugglers have been caught trying to traffick dangerous radioactive material more than 300 times since 2002, statistics from the International Atomic Energy Agency (IAEA) show.

"Insiders pose greatest risk" says Soca e-crime fighter...

Employees are still one of the greatest threats to corporate security as new-aged mafia gangs infiltrate companies, the UK's crime-fighting agency has said.

Tony Neate, e-crime liaison for the Serious Organised Crime Agency (Soca), said insider 'plants' are causing significant damage to companies. He said: "We have fraud and ID theft but one of the big threats still comes from the trusted insiders. That is people inside the company who are attacking the systems. "[Organised crime] has changed. You still have traditional organised crime but now they have learned to compromise employees and contractors. [They are] new-aged, maybe have computer degrees and are enterprising themselves. They have a wide circle of associates and new structures."

Extortionists attack business through DoS 

It has become common practise for extortionists to target net firms and threaten to cripple their websites with deluges of data unless they pay a ransom. Not all the e-criminals are able to follow through on their threats but when the Nochex site went down at 8pm it was time to sit up and take notice.

"We get quite a few, maybe once a month so we don't always take it too seriously," he said.

In this instance though Mr Malik did contact his service provider Pipex. "They told us we were being flooded by a zombie attack," he said.

A man has been convicted of plotting to manufacture homemade poisons and explosives with the intention of causing fear and injury to those who come into contact with them.

The conviction of Kamel Bourgass follows a long and intensive investigation by detectives from the Metropolitan Police Anti-Terrorist Branch with assistance from the security service and other police forces. During a search of premises in Wood Green, London on 5th January 2003 detectives discovered residue from a homemade poison, together with recipes and instructions for making poisons and explosives.

Security in the workplace 

In recent years an increasing chunk of companies corporate security or business continuity budget has been spent on maintaining back-up sites where data can be stored or from which the business could be run in an emergency. However, security consultants point out that risk management begins at home with measures to safeguard company headquarters, branches, factories and greenfield sites.

For new buildings, once the nature of the risks to the business has been assessed, this means careful planning of the layout and configuration of the site or office and security professionals should be part of the process.  “Security needs to be incorporated at the earliest possible stage,  says Paul Burry, a senior consultant at Control Risks which advises clients on their physical security measures.  “In project teams security should be in there from the start - and it should not be the retro-fit or the bolt on later.  

At the heart of a growing industry

By Mark Huband Published: June 24 2005 13:52  

Helping businesses help themselves is no longer the benevolent act it may have seemed in the aftermath of the September 11, 2001 terrorist attacks. A sense of common purpose prevailed as private sector advisers, government agencies and companies themselves sought to address the threat to business operations in the months after the attacks in the US. But in the more than three years that have since passed the roles and outlooks of all forces in the provision of security have changed.

Shares in drugs company Phytopharm fell sharply after animal rights activists scared off its broker.

Canaccord Capital resigned as broker to Phytopharm yesterday – less than a month after a firebomb attack targeted its European finance director.

A website linked to the Animal Liberation Front claimed responsibility for planting the incendiary device which set fire to Michael Kendall’s car. The ALF says Phytopharm has links with animal testing group Huntington Life Sciences. HSL is a long-standing target for protesters.

Information  could have been used to clone credit cards

Police are investigating reports that an Indian call centre worker sold the bank account details of 1,000 UK customers to an undercover reporter.
The Sun claims one of its journalists bought the personal details from an IT worker in Delhi for £4.25 each.

They included account holders' secret passwords, addresses, phone numbers and passport details, it reports.

City of London Police has begun an investigation after being handed a dossier by the newspaper.

While the allegations made in the dossier are very serious, City of London Police would like to remind people that incidents of this kind are still relatively rare City of London Police

The centre worker reportedly told the Sun he could sell up to 200,000 account details each month.

Details handed to the reporter had been examined by a security expert who had indicated they were genuine, the paper said.

The information passed on could have been used to raid the accounts of victims or to clone credit cards.

'Reflect on decision'

More than one bank is thought to be involved in the fraud.

A police spokeswoman said officers were not yet aware of "the breadth of what we are going to be investigating".

"While the allegations made in the dossier are very serious, City of London Police would like to remind people that incidents of this kind are still relatively rare," she said.

The Amicus union said it had warned of the "data protection implications" of offshoring financial services.

"Companies that have offshore jobs need to reflect on their decision and the assumption that cost savings benefiting them and their shareholders outweigh consumer confidentiality and confidence," senior finance officer Dave Fleming said.

Continuity Forum Comment

In the past few months we have seen an increased media focus on the security of Electronic Banking Systems with both TV and Print news sources citing alarming lapses in the procedures followed.

While technology can go a long way to 'secure' information there remains for many the issue of the 'insider'.

Whilst a lot of time and money is spent combating external Security threats it appears as though there is still some way to go to protect the organisation and its stakeholders from the actions of someone on the 'inside'. Whatever the motivation, Greed or Revenge, the threat posed can be far greater both in financial terms and in damage to the Reputation of the organisation.

To help you consider the risks to your organisation we have listed below some of the common characteristics of the 'insider' below:

Insider Characteristics

The majority of the insiders were former employees.

• At the time of the incident, 59% of the insiders were former employees or contractors of the affected organizations and 41% were current employees or contractors.

• The former employees or contractors left their positions for a variety of reasons. These included the insiders being fired (48%), resigning (38%), and being laid off (7%). Most insiders were either previously or currently employed full-time in a technical position within the organization.

• Most of the insiders (77%) were full-time employees of the affected organizations, either before or during the incidents. Eight percent of the insiders worked part-time, and an additional 8% had been hired as contractors or consultants. Two (4%) of the insiders worked as temporary employees, and one (2%) was hired as a subcontractor.

• Eighty-six percent of the insiders were employed in technical positions, which included system administrators (38%), programmers (21%), engineers (14%), and IT specialists (14%). Of the insiders not holding technical positions, 10% were employed in a professional position, which included, among others, insiders employed as editors, managers, and auditors. An additional two insiders (4%) worked in service positions, both of whom worked as customer service representatives.

Insiders were demographically varied with regard to age, racial and ethnic background, gender, and marital status.

• The insiders ranged in age from 17 to 60 years (mean age = 32 years) and represented a variety of racial and ethnic backgrounds.

• Ninety-six percent of the insiders were male.

• Forty-nine percent of the insiders were married at the time of the incident, while 45% were single, having never married, and 4% were divorced.

• Thirty percent of the insiders had been arrested previously, including arrests for violent offences (18%), alcohol or drug related offences (11%), and nonfinancial/
fraud related theft offences (11%).

Organization Characteristics

The incidents affected organizations in the following critical infrastructure sectors:

• banking and finance (8%)

• continuity of government (16%)

• defence industrial base (2%)

• food (4%)

• information and telecommunications (63%)

• postal and shipping (2%)

• public health (4%)

In all, 82% of the affected organizations were in private industry, while 16% were government entities. Sixty-three percent of the organizations engaged in domestic activity only, 2% engaged in international activity only, and 35% engaged in activity both domestically and internationally.

Below we have outlined some of the effects on the organisation:

Consequences for Targeted Organizations

Key Findings

• Insider activities caused organizations financial losses, negative impacts to their
business operations and damage to their reputations.

• Incidents affected the organizations’ data, systems/networks, and components.

• Various aspects of organizations were targeted for sabotage by the insider.

• In addition to harming the organizations, the insiders caused harm to specific
individuals.

Supporting Data

Eighty-one percent of the organizations experienced a negative financial impact as a
result of the insiders’ activities. The losses ranged from a reported low of $500 to a
reported high of “tens of millions of dollars.” The chart below represents the percentage
of organizations experiencing financial losses within broad categories.
Percentage of Organizations Financial Loss

For the full 45 page Report or to comment on this piece please mail us HERE! or call Russell Price directly on +44 (0) 208 993 1599.

Wed, 2005-03-05

Indian police have uncovered plans by a Pakistan-based group to attack companies working in the offshore IT and call centre industry.

Members of the Lashkar-e-Taiba terror group engaged Police in New Delhi in an hour long shoot out resulting in the capture of two and the deaths of three members. Police later raided their base and found information revealing they had visited Bangalore in December to survey software companies as potential targets as well as AK56 rifles, ammunition and over 10kg of the explosive RDX.