NATO defense ministers and diplomats have met in Edinburgh, Scotland to discuss the future of the alliance's mission in Afghanistan. Hosted by Britain, the now familiar call for greater participation from some European states was one of the main themes. For VOA, Tom Rivers reports from London.
The Edinburgh meeting allowed the participants to take stock of the still tough and what will likely be a lengthy stay in Afghanistan.
On hand for the discussions were the defense and foreign ministers from countries with deployments in the troubled southern part of Afghanistan.
Hosting the conference was British Defense Minister Des Browne who once again said greater burden sharing would certainly be welcomed.
"Could other countries do more? Could we do with more? Yes, of course we could but the other side of the coin, of course, is that I am a politician and I am a realist and I understand you, known, the dynamics of alliances that are made up of countries of different political make-ups and governments of different types," he said. "I mean some of the governments are not there because of minority governments. They have a political will, but they do not have political process to deliver."
Britain is the largest contributor of after the United States with 7,800 troops deployed.
Among those attending the Scottish meeting, was U.S. Defense Secretary Robert Gates who believes that some in Europe have lost sight of why allied troops are there.
He wants NATO to adopt and publish a short statement spelling out clearly why forces are still there six years after the Taliban was ousted from power.
A NATO heads of government meeting will take place in April and leaders there are expected to firm up the alliance's strategy for Afghanistan.
Gates warns that gains made over the years can be lost unless a comprehensive military, economic and diplomatic package is set in motion.
Specifically, he says 3,500 trainers are needed for the Afghan police and the army needs 16 helicopters.
Over the past 18 months, Taliban insurgents have increased their attacks in the south, employing a variety of tactics including roadside and suicide bombings and kidnappings.
Source: http://www.globalsecurity.org/military/library/news/2007/12/mil-071214-voa07.htm
Friday, December 14, 2007
Two California men enter guilty pleas on terror charges
14 December 2007: Two of four men indicted in August 2005 for plotting to attack U.S. military facilities, Israeli government facilities and Jewish synagogues in the Los Angeles area pleaded guilty to terrorism charges today. Kevin JAMES, a/k/a Shakyh Shahaab MURSHID and Levar WASHINGTON, a/k/a Abdur RAHMAN appeared before a court in Santa Ana and pleaded guilty to conspiring to wage war against the United States. Both will be sentenced next year.
In a statement released by Justice Department officials, the third man, Gregory Patterson, a/k/a Bilal, was expected to enter a plea of guilty on Monday to one charge of conspiracy to commit terrorism. The fourth member of the group, Hammad SAMANA, a U.S. resident from Pakistan, was assessed as unfit to stand trial. He is currently receiving psychiatric care at a federal prison, according to the US Attorney's Office.
According to the indictment, JAMES (MURSHID) founded an Islamic terrorist group in 1997 while incarcerated at California State Prison-Sacramento, and recruited other inmates for the organization identified as Jam’iyyat Ul-Islam Is-Saheeh,, or JIS. In 2004, he recruited Levar WASHINGTON. Upon being released from prison, WASHINGTON began recruiting other co-conspirators to plot terrorist acts and commit armed robberies – the latter to fund purchases of firearms, ammunition and explosives.
Beginning sometime about December 2004, WASHINGTON, PATTERSON and SAMANA targeted and conducted Internet research on and surveillance of U.S. military facilities in the Los Angeles area as part of their plot to kill U.S. military personnel. In July 2005, Patterson and Samana allegedly used computers to research military targets in the Los Angeles area, while Samana drafted a document listing Israeli and U.S. targets in Los Angeles. In addition to the U.S. military targets, the co-conspirators specifically targeted Israeli and Jewish facilities in the Los Angeles area, including the Israeli Consulate, El Al and synagogues. They also allegedly engaged in firearms and physical training, in preparation for attacks.
Source: http://www.homelandsecurityus.com/LAfour121407
In a statement released by Justice Department officials, the third man, Gregory Patterson, a/k/a Bilal, was expected to enter a plea of guilty on Monday to one charge of conspiracy to commit terrorism. The fourth member of the group, Hammad SAMANA, a U.S. resident from Pakistan, was assessed as unfit to stand trial. He is currently receiving psychiatric care at a federal prison, according to the US Attorney's Office.
According to the indictment, JAMES (MURSHID) founded an Islamic terrorist group in 1997 while incarcerated at California State Prison-Sacramento, and recruited other inmates for the organization identified as Jam’iyyat Ul-Islam Is-Saheeh,, or JIS. In 2004, he recruited Levar WASHINGTON. Upon being released from prison, WASHINGTON began recruiting other co-conspirators to plot terrorist acts and commit armed robberies – the latter to fund purchases of firearms, ammunition and explosives.
Beginning sometime about December 2004, WASHINGTON, PATTERSON and SAMANA targeted and conducted Internet research on and surveillance of U.S. military facilities in the Los Angeles area as part of their plot to kill U.S. military personnel. In July 2005, Patterson and Samana allegedly used computers to research military targets in the Los Angeles area, while Samana drafted a document listing Israeli and U.S. targets in Los Angeles. In addition to the U.S. military targets, the co-conspirators specifically targeted Israeli and Jewish facilities in the Los Angeles area, including the Israeli Consulate, El Al and synagogues. They also allegedly engaged in firearms and physical training, in preparation for attacks.
Source: http://www.homelandsecurityus.com/LAfour121407
Mudslide closes Oregon Highway 30 after dam breaks
A mudslide closed U.S. Highway 30 after a cracked dam broke open above Woodson in Columbia County. Earlier Tuesday, the Oregon Department of Forestry requested that ODOT close the highway because of the potential for a slide in this area at Eilertsen Creek.
Source: http://www.dailyastorian.com/main.asp?SectionID=2&SubSectionID=398&ArticleID=47478&TM=24384.42
Source: http://www.dailyastorian.com/main.asp?SectionID=2&SubSectionID=398&ArticleID=47478&TM=24384.42
Work begins on Chain of Rocks levee berms
Work has started on another phase of large berms of sand and dirt designed to improve the Chain of Rocks Canal levee. The goal of the $46.4 million project is to make the levee, owned by the U.S. Army Corps of Engineers, capable of withstanding a 500-year flood. When new FEMA maps come out in March, they are expected to show that the Chain of Rocks levee system and four other metro-east levee systems do not meet the new standards for whether a levee is capable of withstanding a 100-year flood. The corps has been adding berms at the Chain of Rocks levee for the past couple of years, and at the current level of federal funding, the work is expected to continue another five years. The project also includes adding relief wells, which allow water to get out from below the levee without causing erosion, and a new water-pumping station. In the current phase of work, an 18-acre berm of sand and dirt is being built along the east side of the Chain of Rocks Canal levee, north of Interstate 270.
Source: http://www.bnd.com/news/local/story/201357.html
Source: http://www.bnd.com/news/local/story/201357.html
Agencies monitor air quality; officials consider evacuations
A fire that broke out about 4:40 p.m. Monday at InterGroup International Ltd., in Champion, Ohio, has caused more than $1 million in damages, according to Champion’s fire chief. The Ohio State fire marshal is investigating the cause of the blaze, which destroyed a 42,000 square-foot storage facility. On Tuesday, smoke was still coming from the facility and Champion’s Fire Department was working with the Trumbull County and Northeast Ohio Hazardous Materials (HAZMAT) teams as well as the Ohio and U.S. Environmental Protection Agencies to monitor air quality around the smoke plume. The agencies originally decided to let the fire extinguish itself because it cannot be put out with water due to the high oxygen levels created by the burning plastics. However, a Champion firefighter said Tuesday night that new calculations by the EPA showed the fire could continue burning for three weeks, so a contractor was being brought in to smother the fire instead. On Tuesday evening the fire department began warning residents they may have to evacuate if conditions did not improve.
Source: http://www.tribune-chronicle.com/News/articles.asp?articleID=25809
Source: http://www.tribune-chronicle.com/News/articles.asp?articleID=25809
Young, poor prefer cell phones
More than one in eight households have cell phones but lack traditional, landline telephones, according to a federal study released Monday that tracks the country’s growing dependence on wireless phones. The data, reported twice a year, suggested that the number of households relying solely on cell phones may be growing more slowly than it had in the past. But the researchers said the slowdown might be due to changes in their survey, including altering the order of some questions and some of the wording. The growth of families reachable only by cell phone has been of special interest to the telephone industry, providers of 911 emergency services, and public and private polling organizations. The federal data showed once again that young, poor, male, and Hispanic people are likelier to have only wireless telephone service.
Source: http://ap.google.com/article/ALeqM5gdmC4QL0gqIxS2sopb2IU9Y0DBgQD8TEODH00
Source: http://ap.google.com/article/ALeqM5gdmC4QL0gqIxS2sopb2IU9Y0DBgQD8TEODH00
Ohio gets the message on data breaches
After announcing in September that a computer tape containing information on approximately 85,000 current and former state employees and another 47,000 tax payers had been stolen from a car, the State of Ohio has signed a contract with McAfee for 60,000 licenses of its Safe Boot encryption program. The Ohio breach occurred when a back-up computer tape was stolen out of a car that belonged to an employee of the state. That employee, an intern, was specifically tasked with transporting the tape, which contained names, Social Security numbers, and other identifying information on 64,467 state employees, 19,388 former employees, and another 47,245 tax payers. It was completely unencrypted, meaning the data would be easily accessible. The tape’s loss is expected to cost the state around $3 million in direct costs. The state will start using the new software early next year.
Source: http://www.guardmycreditfile.org/index.php?option=com_content&task=view&id=941&Itemid=138
Source: http://www.guardmycreditfile.org/index.php?option=com_content&task=view&id=941&Itemid=138
Three critical fixes star in Microsoft patch
Three of the seven patches Microsoft released on Tuesday were rated “critical,” which is the highest ranking Microsoft uses. These patches were meant to fix flaws in handling streaming media by Microsoft DirectX, bugs in Windows Media Format Runtime, and multiple vulnerabilities in Internet Explorer, all of which pose a severe risk. In all three cases, the vulnerabilities addressed by the update create a possible means for hackers and cyber-criminals to smuggle malware onto, or otherwise attack, vulnerable computers. Hackers are actively exploiting one of the flaws in IE to attack vulnerable machines, the SANS Institute’s Internet Storm Centre warns. The remaining four “important” updates address a number of flaws, including some in Windows Vista and a security bug in DRM software from Macrovision that comes bundled with Windows. In November, Macrovision issued a patch to address flaws in its SafeDisk utility that have become the target of various attacks by crackers.
Source: http://www.theregister.co.uk/2007/12/12/dec_black_tuesday_update/
Source: http://www.theregister.co.uk/2007/12/12/dec_black_tuesday_update/
US-CERT: Attackers targeting Microsoft Access files
Online criminals are exploiting a flaw in the Microsoft Office Access database to install unauthorized software on computers, the U.S. Computer Emergency Readiness Team (US-CERT) warned in a brief warning on Monday. US-CERT offered few details on the attack, saying simply that the organization is “aware of active exploitation” of the problem by criminals who have sent specially crafted Microsoft Access Database (.mdb) files to victims. These files are “designed for the sole purpose of executing commands,” so they should not be accepted from un-trusted sources, Microsoft said in a note on its Web site. The senior manager for Symantec Corp.’s security response expressed surprise at the attacks as .mdb files “are not something that the average user would come across on a daily basis…” and they “are blocked by default in most installations of Internet Explorer and Outlook Express.”
Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9052538&source=rss_topic17
Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9052538&source=rss_topic17
FEMA to host joint influenza pandemic exercise
The Federal Emergency Management Agency (FEMA) will be hosting Operation PANEX ‘07, a joint federal-state exercise to strengthen contingency plans for an influenza pandemic. PANEX ‘07 is the first functional exercise of its type in the U.S. designed to determine best practices for a coordinated multi-agency response to an outbreak. The participants will involve key federal agencies including the Departments of Homeland Security, Health and Human Services, and Defense in partnership with their counterparts in the six New England states. The operation is part of an ongoing development opportunity to exercise established procedures and coordinated plans of action for disseminating public information and resource allocation. State Emergency Operations Centers will be activated and participating federal agencies will work with state and local health officials and emergency managers to respond to the simulated event.
Source: http://www.fema.gov/news/newsrelease.fema?id=41901
Source: http://www.fema.gov/news/newsrelease.fema?id=41901
Improving emergency response
The Scottsboro, Alabama, City Council is looking at mandating all homes and businesses be properly identified for emergency purposes. The City Council president formed a committee at Monday evening’s regularly scheduled meeting to study the matter. “The committee will give us the best idea where we need to put the identification numbers,” he said, adding that many businesses and residences are not identified and “that several times emergency personnel simply can’t find a place.”
Source: http://www.thedailysentinel.com/story.lasso?ewcd=331c8249d58c90ba
Source: http://www.thedailysentinel.com/story.lasso?ewcd=331c8249d58c90ba
Hastings High opens late after second bomb scare
For the second time in two days, Hastings High School in New York has been the subject of a bomb scare. Shortly after 8 a.m. on Wednesday police said the school has been evacuated. There was no estimate on when students and staff would be allowed to return. The incident was still being investigated, police said. As of 8:15 a.m. police were not able to tell if the circumstances of the threat today were similar to the one received yesterday by the school. No one at the school could be reached.
Source: http://www.thejournalnews.com/apps/pbcs.dll/article?AID=/20071212/NEWS02/712120418/1018/NEWS02
Source: http://www.thejournalnews.com/apps/pbcs.dll/article?AID=/20071212/NEWS02/712120418/1018/NEWS02
Hunters cause lockdown of five Walton County schools
Five schools were on lockdown in Walton County, Georgia after officials noticed suspicious people in an area outside a school. Officials said two students who went hunting nearby caused the lockdown. The two Monroe Area High School students were hunting before class early Wednesday morning when someone driving by saw the students with a shotgun and called police. The schools have been reopened.
Source: http://www.wsbtv.com/news/14831026/detail.html
Source: http://www.wsbtv.com/news/14831026/detail.html
Fort Dix attack plot suspects promoting terror in jail
Federal authorities say one of the men accused of planning an attack on soldiers at the Fort Dix army base gave another inmate in a federal detention center an Al Qaeda recruitment video and another wrote a note referring to the fight “we weren’t able to finish.” The five men — all foreign-born Muslims in their 20s — were arrested in May and charged with conspiring to kill uniformed military personnel. Authorities said they planned to sneak onto Fort Dix, a base in New Jersey used primarily to train reservists for duty in Iraq and Afghanistan. A sixth man later pleaded guilty to providing weapons to some of the five charged in the alleged conspiracy. There was no attack, however. The five suspects include three ethnic Albanians from the former Yugoslavia, a Jordanian, and a Turk. A hearing on the men’s bail motion is scheduled for December 20.
Source: http://www.foxnews.com/story/0,2933,316514,00.html
Source: http://www.foxnews.com/story/0,2933,316514,00.html
Glaxo diabetes drug raises heart risk in study
Another study has found evidence that certain diabetes drugs, especially Avandia, can cause heart attacks and death, but the company said the findings did not make scientific sense. The Canadian researchers said older patients treated with the drugs, known as thiazolidinediones, TZDs, or glitazones, had a significantly higher rate of death, heart attack and congestive heart failure and death. The medical records of 159,026 people aged 66 and older who were treated with diabetes pills for a median of 3.8 years through March 2006 showed a 60 percent increased risk of congestive heart failure, a 40 percent higher risk of heart attack, and a 29 percent higher risk of overall death among the patients who were taking Avandia alone. Glaxo said the study had “significant limitations and generates misleading conclusions.”
Source: http://www.reuters.com/article/health-SP/idUSN1155319720071212?sp=true
Source: http://www.reuters.com/article/health-SP/idUSN1155319720071212?sp=true
China launches drug recall system
China launched a nationwide recall system Wednesday that shifts responsibility to companies to recall harmful drugs, a day after U.S. and Chinese officials signed an agreement on the safety of medicine and medical devices. The recall plan will place Chinese-made drugs and imported drugs in three classes according to their possible danger to people’s health, a State Food and Drug Administration official said at a news conference. Each will have to be recalled within different timeframes, ranging from 24 hours for the most serious drugs, to 72 hours for those deemed less life-threatening. The global pharmaceutical industry increasingly uses drugs either made or containing ingredients sourced in China. That has put more attention on China to restore confidence in its manufacturing capabilities after a series of products were found to contain poisonous substances earlier in the summer. The agreement covers 10 exports to the U.S., and eight products the Chinese want to import. This is just a sliver of China’s health-related exports to the U.S. but the list may be expanded, China’s State Food and Drug Administration Deputy Director said.
Source: http://ap.google.com/article/ALeqM5joaNLMzxF92DLMMPf57gAJTkG94QD8TFT1C80
Source: http://ap.google.com/article/ALeqM5joaNLMzxF92DLMMPf57gAJTkG94QD8TFT1C80
Parts of Newport Harbor closed after sewage spill
In California, environmental health officials have closed a number of areas along Orange County’s coastline, including a portion of Newport Harbor, due to a sewage spill. The spill was caused by a line break at a private vessel pump-out station, according to a news release from the Orange County Health Care Agency. Other beaches had warnings of unhealthy water conditions. Long-term effects are expected in Newport Harbor due to urban runoff from the storms this past weekend. In other areas the bacteria levels near storm drains may become toxic due to the runoff from the Santiago Canyon fire in October. Beach visitors are strongly advised to avoid contact with bay water in those areas, officials said.
Source: http://www.dailypilot.com/articles/2007/12/12/publicsafety/dpt-harborclosures11.txt
Source: http://www.dailypilot.com/articles/2007/12/12/publicsafety/dpt-harborclosures11.txt
Sewage spill dumps 40,000 gallons into Loch Raven Reservoir feeder
An estimated 40,000 gallons of sewage overflowed from a broken line in Timonium, Maryland, before it was repaired late Sunday, according to county officials. The break in the 12-inch sewer line was detected about 9 a.m. Sunday and was repaired by that night, according to Baltimore County officials. The county’s Department of Environmental Protection and Resource Management has posted signs advising residents to avoid contact with the waters of Merryman Branch, a tributary of Loch Raven Reservoir. A county public works spokesman said that drinking water from the reservoir should not be affected by the sewage overflow because the water is treated. Officials suspect that the sewer line broke because of shifting soils in the area.
Source: http://www.baltimoresun.com/news/local/baltimore_county/bal-sewage1211,0,6312536.story
Source: http://www.baltimoresun.com/news/local/baltimore_county/bal-sewage1211,0,6312536.story
Arizona health officials track salmonella flare-up
State health officials are investigating a food-poisoning outbreak that has sickened 14 people in Arizona. The top epidemiologist for the Arizona Department of Health Services said seven of those ill in Arizona had to be hospitalized after becoming infected with salmonella. He said other states - California, Idaho and Nevada - also reported infections from the same strain. He said the outbreak this fall in Arizona has been surprising because so many of the people infected in Arizona had to be hospitalized and because the rod-shaped germ has resisted some antibiotics. Arizona experts believe the outbreak stemmed from an undetermined product sold by a chain store. However, they are not certain which food carried the germ or whether it is still being sold.
Source: http://www.azcentral.com/arizonarepublic/local/articles/1212B1-Salmonella1212.html
Source: http://www.azcentral.com/arizonarepublic/local/articles/1212B1-Salmonella1212.html
USDA seeks potato pest in Nebraska, 7 other states
The U.S. Department of Agriculture is worried that seed potato shipments from Canada to eight states might have been carrying the golden potato cyst nematodes, microscopic, wormlike pests that attack potato plants. The nematodes feed at the roots of potato plants and can reduce crop production by 80 percent. The department has banned additional shipments into the U.S. and plans to search for the nematode in fields in Idaho, Oregon, Washington, California, North Dakota, Colorado, Maine, and Nebraska. U.S. officials are concerned that discovery of the golden nematode in any of the eight states could lead to some countries banning U.S. potatoes, which happened in 2006 with the discovery of the similar pale potato cyst nematode in Idaho.
Source: http://www.columbustelegram.com/articles/2007/12/12/ap-state-ne/d8tft1mo1.txt
Source: http://www.columbustelegram.com/articles/2007/12/12/ap-state-ne/d8tft1mo1.txt
GAO to USPS: Address database errors
The USPS developed the U.S. Postal Service’s Facilities Database (FDB) in 2003 to capture and maintain data on the agency’s 34,000 facilities nationwide, but five years later, the database is still so riddled with errors that major components within USPS will not even use it, according to a Government Accountability Office report released December 10. Auditors found that the system has duplicate entries, multiple facility entries with the same function at the same address, and inconsistent data on square footage and building ownership. The errors were caused by inaccurate data in primary USPS systems — the Address Management and the Facility Management systems — that feed into the database, incorrect links to data from primary sources or mistakes made by local employees when entering data. Furthermore, the database does not contain fields for performance measures recommended by the Federal Real Property Council and does not track trends, the GAO said. USPS said it plans to improve the FDB’s reliability rather than scrap the database and agreed to establish additional controls to improve its reliability and usefulness.
Source: http://www.fcw.com/online/news/151053-1.html
Source: http://www.fcw.com/online/news/151053-1.html
New screening machine sees your carry-on in 3-D
A pilot program featuring a carry-on-baggage screening machine called the Analogic COBRA will go on line Saturday at Dallas/Fort Worth Airport’s Terminal D north security checkpoint. The Automatic Explosive Detection System, or Auto-EDS, creates three-dimensional representations of a bag’s contents using technology similar to medical CT scans and does not require the contents to be removed. It also features an automated bin return system.
Source: http://www.star-telegram.com/news/story/355300.html
Source: http://www.star-telegram.com/news/story/355300.html
FAA officials say JFK planes were not close to colliding
The Federal Aviation Administration says two planes were never at risk of actually colliding at JFK Sunday, after critics described the incident as a ‘near-miss.’ An FAA spokesman said yesterday that investigators have reviewed radar information and other data and concluded the planes were never in any danger. Air traffic controllers say it was an unnecessary risk that two planes were cleared to land at the same time on perpendicular runways. The pilot of a commuter jet decided not to land at the last second, fearing he was too close to a 747 cargo plane. The National Air Traffic Controllers Association and a New York senator are calling for all New York airports to immediately install advanced anti-collision tracking systems. The FAA says that system will be installed at JFK next August.
Source: http://www.ny1.com/ny1/content/index.jsp?stid=1&aid=76487
Source: http://www.ny1.com/ny1/content/index.jsp?stid=1&aid=76487
New tax scam targets West Alabama counties
Last week, the Internal Revenue Service issued a warning about a tax scam targeting those on social security retirement or social security disability in West Alabama. According to a media specialist for the IRS, Choctaw, Lamar, Pickens, Sumter, and Washington counties have all had instances of this new scam. Other counties, which might also be effected, are Butler, Clarke, Dallas, Fayette, Greene, Hale, Lowndes, Marengo, Perry, Tuscaloosa, and Wilcox. The IRS first received word of a possible scam when individuals and banks reported a large quantity of checks being cashed, which sent up the red flag for a scam. The way this scam usually works is a scam artist will offer to prepare their tax returns for free, reporting part or all of your Social Security benefits as taxable income. They may falsely claim some percentage of the benefits as tax withholding or claim the Earned Income Tax Credit, thereby generating a refund. Then scammers often prepare as many as three years worth of false refund claims per person or couple. The victim then files the fraudulent tax returns and may even erroneously receive a refund from the IRS. However, even if the IRS issues the requested refund, the agency will demand the money back with interest and perhaps a penalty. By that time, the scam artist has moved on and the victim is out the fees they paid to prepare the false returns.
Source: http://www.demopolistimes.com/articles/2007/12/12/news/news9521.txt
Source: http://www.demopolistimes.com/articles/2007/12/12/news/news9521.txt
New scam offers businesses chance to have companies listed in yellow pages
The Better Business Bureau of Minnesota is issuing a warning to businesses to be aware of a Northland scam involving “directory listings.” The BBB says complaints are being filed across the U.S., claiming a business with a Duluth address is offering other businesses a chance to have their company listed in a ‘yellow-pages’-style directory for a “fee.” In many cases, that fee has been paid in vain, as the BBB believes the directory does not actually exist. An address for suspect company is a P.O. Box at an area UPS store.
Source: http://www.northlandsnewscenter.com/news/local/12414071.html
Source: http://www.northlandsnewscenter.com/news/local/12414071.html
Computer simulates nuclear reactors
The Idaho National Laboratory (INL) in southeast Idaho has opened a high-speed computing center to simulate the operation of nuclear reactors. “Think of this as a new laboratory, because that’s what it is,” the INL Director told the Post Register. The INL on Monday dedicated the $10 million center that includes a main computer called “Icestorm.” Thesupercomputer can run three-dimensional simulations to show how nuclear reactors might operate under certain conditions. It has data collected from reactors all over the world. Icestorm can make as many calculations in one day as a home computer can make in five years, officials said, and has three times the computing power of the computer it replaces. The principal deputy assistant secretary for the Department of Energy said the computer, combined with the Advanced Test Reactor at INL and $15 million in equipment for the examination of materials that have been irradiated, allows the laboratory to conduct experiments faster and more thoroughly.
Source: http://www.casperstartribune.net/articles/2007/12/12/news/regional/dd88cf99d992af4c872573ae0071fb88.txt
Source: http://www.casperstartribune.net/articles/2007/12/12/news/regional/dd88cf99d992af4c872573ae0071fb88.txt
Pilgrim nuclear plant shut down for replacement of faulty valve
The Pilgrim nuclear power plant (Massachusetts) has been shut down while technicians replace a faulty safety valve. Plant officials said the plant will be powered back up again soon; they would not say precisely when. A spokesman said the shutdown, which began at 3 p.m. Monday, would last less than a week. Plant operators had been monitoring the valve, which is designed to allow radioactive steam from the reactor to escape into a containment vessel if pressure in the reactor gets too high. The spokesman said technicians had thought the valve would not have to be replaced until the summer, but they decided to replace it when it started deteriorating more quickly than expected. Because the valve is between the reactor and the containment vessel, the plant had to be powered down and allowed to cool.
Source: http://ledger.southofboston.com/articles/2007/12/12/news/news13.txt
Source: http://ledger.southofboston.com/articles/2007/12/12/news/news13.txt
30 workers evacuated after chemical spill in Bridgeview, Illinois
A spill Tuesday afternoon at a chemical plant in southwest suburban Bridgeview, Illinois, sparked a massive cleanup, but caused no injuries. Firefighters responded to a call at a chemical wholesaler just before 2 p.m. Firefighters evacuated 30 employees from the building and discovered the source of the spill: four 55-gallon drums of hydroxylamine sulfate, a mild corrosive that can be dangerous if inhaled. The cleanup occupied firefighters for nine hours, and company personnel even longer, but no employees or firefighters were injured.
Source: http://www.chicagotribune.com/news/local/chi-bridgeview_webdec12,1,3158673.story?track=rss
Source: http://www.chicagotribune.com/news/local/chi-bridgeview_webdec12,1,3158673.story?track=rss
University of Massachusetts establishes new chemical tracking program and facility
The University of Massachusetts opened a new chemical tracking program and facility Thursday in hopes of better regulation of the chemicals used on campus. The Chemical Environmental Management System (CEMS) and laboratory seeks to improve laboratory programs and provide important safety and response information. The department of environmental health and safety (EHS) has managed the CEMS and expects the new chemical programs to improve the use and control of chemicals on campus. According to the EHS, the new programs and laboratories are expected to result in drastic reduction of unnecessary chemical purchases in addition to improved overall control of the chemicals used on campus. The EHS also plans to develop more efficient disposal methods for the chemicals on campus and enhanced information for emergency response. The CEMS program will also fulfill new federal anti-terrorism laws that require universities and colleges to keep an inventory of specific chemicals to submit online to a federal database.
Source: http://media.www.dailycollegian.com/media/storage/paper874/news/2007/12/12/News/Umass.Establishes.New.Chemical.Tracking.Program.And.Facility-3142389.shtml
Source: http://media.www.dailycollegian.com/media/storage/paper874/news/2007/12/12/News/Umass.Establishes.New.Chemical.Tracking.Program.And.Facility-3142389.shtml
Exxon to put floating gas plant off N.J. coast
Exxon Mobil plans to build a floating liquefied-natural-gas plant off the New Jersey coast to import enough fuel to supply 5 million homes. The facility, to be known as BlueOcean Energy, will cost more than $1 billion and will begin operating in about 2015, Exxon Mobil said yesterday in a statement. Demand for gas is rising as governments around the world crack down on greenhouse-gas emissions from coal-burning electricity plants. U.S. gas prices have more than tripled since the 1990s as consumption climbed faster than production, prompting energy companies to increase access to more LNG imports. “BlueOcean Energy will provide significant economic benefits to New Jersey and New York and will help the region achieve its environmental objectives,” the vice president of Exxon Mobil’s global LNG business, said in a statement. The BlueOcean terminal, to sit 20 miles offshore, will be far enough away to be out of sight of coastal residents, Exxon Mobil said. The facility, which will include a plant to vaporize the liquid cargoes, will be clear of shipping lanes and ports, Exxon Mobil said.
Duke Energy moves ahead with plans for new nuclear plant
Duke Energy has asked regulators in South Carolina to approve its decision to spend up to $230 million developing a new nuclear power plant. The company has said it is leaning toward building the new power plant near Gaffney, but says in its filing with the South Carolina Public Service Commission that a final decision where to build the power plant has not been made. In the filing, Duke Energy says the money is needed to make sure opening the nuclear power plant remains an option for the next decade. The filing did not give an indication of when the utility will make a final decision on whether to build the plant or where it might be located.
Oklahoma utility crews making a dent in power outage numbers
Getting the power back on is a top priority for thousands of utility crews, which have converged on Oklahoma. Many electric customers across northeast Oklahoma have been in the dark since Sunday when freezing rain began to fall and it could be several more days before some of them get their power restored. Oklahoma Gas & Electric reports it has 207,183 outages. The Public Service Company of Oklahoma has 196,835 customers without power; just fewer than 180,000 of those customers are in the Tulsa metro area. Elsewhere, Northeast Electric Cooperative is working to get 9,700 customers turned on. East Central Electric Cooperative has almost 9,700 customers in the dark. Seven-thousand customers in Verdigris Valley Electric’s coverage area are off line and 3,500 Indian Electric customers are without electricity.
Thursday, December 13, 2007
DOE Lab Hacked
No classified information was lost but the personal information of visitors may have been stolen from the Oak Ridge National Laboratory.
By Thomas Claburn InformationWeek December 7, 2007 03:48 PM
Oak Ridge National Laboratory, a U.S. Department of Energy facility, said on Thursday that its computer network had been comprised by a spear-phishing attack.
"A hacker illegally gained access to ORNL computers by sending staff e-mails that appeared to be official legitimate communications," ORNL said in a statement. "When the employees opened the attachment or accessed an embedded link, the hacker planted a program on the employees' computers that enabled the hacker to copy and retrieve information. The original e-mail and first potential corruption occurred on October 29, 2007. We have reason to believe that data was stolen from a database used for visitors to the Laboratory."
ORNL said that no classified information was lost but that the personal information of visitors may have been stolen. Visitors to the laboratory between 1990 and 2004 may have had their personal information, such as Social Security number and date of birth, stolen as a result of the data theft.
The breach occurred on Oct. 29, 2007. ORNL said there's no evidence that the stolen information has been used for identity theft fraud, but nonetheless recommended that anyone who visited the lab between 1990 and 2004 place a fraud alert on their credit file.
A spokesperson for ORNL wasn't immediately available.
Spear-phishing -- sending e-mail messages that appear to come from a business or associate with whom the recipient has a relationship in order to dupe the recipient into clicking on a link to a malicious site or content -- is a major concern for the government because it has proven to be an effective means of cyberespionage. It works because it relies on human gullibility to bypass perimeter-based security measures.
More than 90% of the serious breaches in which sensitive information is taken from government agencies involve spear phishing, according to Alan Paller, research director for the SANS Institute. In a phone interview prior to the release of the SANS Top 20 Internet Security Risks of 2007, Paller spoke of a chief information security officer of a federal agency who discovered that his computer was sending information to China. The official had been the target of spear phishing. "Even the people who are responsible for security aren't secure," said Paller.
According to a report released earlier this week by the Anti-Phishing Working Group, the number of password-stealing Trojan keyloggers detected rose for the fourth month in a row in August, for a total of 294 unique variants. The working group also said that the number of unique phishing reports submitted to the group in August was 25,624, an increase from the 2,500 reports in July.
Last year, InformationWeek published a report about the prevalence of compromised computers (bots) at government agencies and laboratories. Data provided by Trend Micro suggested that thousands of bots were operating from within government organizations and affiliated entities.
By Thomas Claburn InformationWeek December 7, 2007 03:48 PM
Oak Ridge National Laboratory, a U.S. Department of Energy facility, said on Thursday that its computer network had been comprised by a spear-phishing attack.
"A hacker illegally gained access to ORNL computers by sending staff e-mails that appeared to be official legitimate communications," ORNL said in a statement. "When the employees opened the attachment or accessed an embedded link, the hacker planted a program on the employees' computers that enabled the hacker to copy and retrieve information. The original e-mail and first potential corruption occurred on October 29, 2007. We have reason to believe that data was stolen from a database used for visitors to the Laboratory."
ORNL said that no classified information was lost but that the personal information of visitors may have been stolen. Visitors to the laboratory between 1990 and 2004 may have had their personal information, such as Social Security number and date of birth, stolen as a result of the data theft.
The breach occurred on Oct. 29, 2007. ORNL said there's no evidence that the stolen information has been used for identity theft fraud, but nonetheless recommended that anyone who visited the lab between 1990 and 2004 place a fraud alert on their credit file.
A spokesperson for ORNL wasn't immediately available.
Spear-phishing -- sending e-mail messages that appear to come from a business or associate with whom the recipient has a relationship in order to dupe the recipient into clicking on a link to a malicious site or content -- is a major concern for the government because it has proven to be an effective means of cyberespionage. It works because it relies on human gullibility to bypass perimeter-based security measures.
More than 90% of the serious breaches in which sensitive information is taken from government agencies involve spear phishing, according to Alan Paller, research director for the SANS Institute. In a phone interview prior to the release of the SANS Top 20 Internet Security Risks of 2007, Paller spoke of a chief information security officer of a federal agency who discovered that his computer was sending information to China. The official had been the target of spear phishing. "Even the people who are responsible for security aren't secure," said Paller.
According to a report released earlier this week by the Anti-Phishing Working Group, the number of password-stealing Trojan keyloggers detected rose for the fourth month in a row in August, for a total of 294 unique variants. The working group also said that the number of unique phishing reports submitted to the group in August was 25,624, an increase from the 2,500 reports in July.
Last year, InformationWeek published a report about the prevalence of compromised computers (bots) at government agencies and laboratories. Data provided by Trend Micro suggested that thousands of bots were operating from within government organizations and affiliated entities.
Software Vendors Accuse Prestigious Law Firm Of Piracy
The SIIA charged in a lawsuit that law firm Fox Rothschild is stealing software made by Adobe, Corel, Sonic Solutions, and Symantec.
By Paul McDougall InformationWeek December 10, 2007 03:44 PM
A Philadelphia law practice recently ranked among the nation's top 200 firms has been accused by a software industry group of stealing business applications made by Adobe (NSDQ: ADBE), Symantec (NSDQ: SYMC), and other vendors, InformationWeek has learned.
In a lawsuit filed last week on behalf of the vendors by the Software Information Industry Association, the firm of Fox Rothschild is alleged to have "engaged in the unauthorized reproduction and use" of software made by Adobe, Corel, Sonic Solutions, and Symantec.
The vendors claim that Fox Rothschild's alleged "copyright infringement" is causing them "repeated and irreparable injury." The suit, filed in federal court in Northern California, does not specify which specific software products the firm is alleged to be using without authorization, or their estimated value.
Fox Rothschild chief information officer Brook Lee did not immediately return a message left on his voice mail seeking comment.
Adobe, Symantec, Corel, and Sonic are asking the court to prohibit the firm from continuing to use their software, and are seeking unspecified damages. They're also asking the court for an order that would prohibit Fox Rothschild from erasing the software from its networks or destroying any electronic documentation related to its use or installation.
SIIA litigation counsel Scott Bain said Fox Rothschild's alleged software misappropriation came to the group's attention through a whistleblower program it operates.
Talks aimed at settling the matter out of court went nowhere, Bain said. "They took a particularly aggressive stance toward us so we decided to sue," said Bain. "We were disappointed. You'd think that a law firm would know better."
Fox Rothschild appeared last year on American Lawyer magazine's list of the nation's top 200 firms.
By Paul McDougall InformationWeek December 10, 2007 03:44 PM
A Philadelphia law practice recently ranked among the nation's top 200 firms has been accused by a software industry group of stealing business applications made by Adobe (NSDQ: ADBE), Symantec (NSDQ: SYMC), and other vendors, InformationWeek has learned.
In a lawsuit filed last week on behalf of the vendors by the Software Information Industry Association, the firm of Fox Rothschild is alleged to have "engaged in the unauthorized reproduction and use" of software made by Adobe, Corel, Sonic Solutions, and Symantec.
The vendors claim that Fox Rothschild's alleged "copyright infringement" is causing them "repeated and irreparable injury." The suit, filed in federal court in Northern California, does not specify which specific software products the firm is alleged to be using without authorization, or their estimated value.
Fox Rothschild chief information officer Brook Lee did not immediately return a message left on his voice mail seeking comment.
Adobe, Symantec, Corel, and Sonic are asking the court to prohibit the firm from continuing to use their software, and are seeking unspecified damages. They're also asking the court for an order that would prohibit Fox Rothschild from erasing the software from its networks or destroying any electronic documentation related to its use or installation.
SIIA litigation counsel Scott Bain said Fox Rothschild's alleged software misappropriation came to the group's attention through a whistleblower program it operates.
Talks aimed at settling the matter out of court went nowhere, Bain said. "They took a particularly aggressive stance toward us so we decided to sue," said Bain. "We were disappointed. You'd think that a law firm would know better."
Fox Rothschild appeared last year on American Lawyer magazine's list of the nation's top 200 firms.
Vulnerabilities Found In Microsoft Access And HP Laptop Software
US-CERT is warning the weaknesses may allow an attacker to execute remote code without additional user interaction.
By Thomas Claburn InformationWeek December 12, 2007 01:50 PM
The United States Computer Emergency Readiness Team (US-CERT) this week issued two warnings about public exploit code.
On Monday, the government security group said that there's a stack buffer overflow vulnerability in the way that Microsoft (NSDQ: MSFT) Access handles Microsoft Access Database (.MDB) files. Opening maliciously-crafted .MDB files may allow an attacker to execute remote code without additional user interaction, the group said.
US-CERT did not provide details beyond stating that the vulnerability was being actively exploited. A proof-of-concept exploit has been available since November 16.
Microsoft considers .MDB files to be unsafe, along with many other file types. "Microsoft customers should be aware that opening unsafe types of files could cause malicious damage to computer systems," the company states in its support documentation. "These files could contain viruses or Trojan horse programs and could be used to alter or to delete information that is stored on the computer. These files could also be used to send information that is stored on a computer to other computers. We recommend that customers only open these types of files after customers verify that the sender is trustworthy and that the sender intentionally sent the file."
Some of the files types Microsoft classifies as unsafe are: program files (*.exe), batch files (*.cmd and *.bat), script files (*.vbs and *.js), Microsoft Access files (*.mdb) and macros in Microsoft Word files (*.doc) or in Microsoft Excel files (*.xls). The Microsoft Access stack buffer overflow vulnerability was not among those Microsoft fixed on December 11 in its monthly security patch bulletin.
On Wednesday, US-CERT said it was also aware of reports of a possible vulnerability in the HP (NYSE: HP) Info Center Software found on HP Laptops. The group said that the flaw could allow an attacker to execute remote code on the affected laptop or alter the laptop's system registry.
A proof-of-concept exploit for the HP software flaw was posted on Tuesday.
By Thomas Claburn InformationWeek December 12, 2007 01:50 PM
The United States Computer Emergency Readiness Team (US-CERT) this week issued two warnings about public exploit code.
On Monday, the government security group said that there's a stack buffer overflow vulnerability in the way that Microsoft (NSDQ: MSFT) Access handles Microsoft Access Database (.MDB) files. Opening maliciously-crafted .MDB files may allow an attacker to execute remote code without additional user interaction, the group said.
US-CERT did not provide details beyond stating that the vulnerability was being actively exploited. A proof-of-concept exploit has been available since November 16.
Microsoft considers .MDB files to be unsafe, along with many other file types. "Microsoft customers should be aware that opening unsafe types of files could cause malicious damage to computer systems," the company states in its support documentation. "These files could contain viruses or Trojan horse programs and could be used to alter or to delete information that is stored on the computer. These files could also be used to send information that is stored on a computer to other computers. We recommend that customers only open these types of files after customers verify that the sender is trustworthy and that the sender intentionally sent the file."
Some of the files types Microsoft classifies as unsafe are: program files (*.exe), batch files (*.cmd and *.bat), script files (*.vbs and *.js), Microsoft Access files (*.mdb) and macros in Microsoft Word files (*.doc) or in Microsoft Excel files (*.xls). The Microsoft Access stack buffer overflow vulnerability was not among those Microsoft fixed on December 11 in its monthly security patch bulletin.
On Wednesday, US-CERT said it was also aware of reports of a possible vulnerability in the HP (NYSE: HP) Info Center Software found on HP Laptops. The group said that the flaw could allow an attacker to execute remote code on the affected laptop or alter the laptop's system registry.
A proof-of-concept exploit for the HP software flaw was posted on Tuesday.
AT&T Offers Schools RFID Tracking For People And Assets
The product helps schools keep track of equipment, as well as students, visitors, and staff, using radio ID tags combined with GPS-based resource management services.
By Elena Malykhina InformationWeek December 12, 2007 04:50 PM
AT&T (NYSE: T) on Wednesday began providing radio-frequency identification and GPS-based products and services that schools can use to track students, assets, visitors, and their staff.
AT&T's RFID application is designed to work in conjunction with GPS-based mobile resource management services, as well as the carrier's wireless data network and hosted applications.
With AT&T's offering, schools can track people or assets by placing Wi-Fi-based RFID tags on ID badges attached to equipment, bracelets, shirt pockets, or book bags. The mobile resource management system would then relay the location of the tagged person or asset over AT&T's wireless data network to a secure Web site portal. The data would be accessible by authorized personnel that have access to a Web browser.
Through the use of active RFID, meaning tags that send out a signal to broadcast their location, schools can potentially minimize theft of high-value equipment and assets like computers and lab equipment. It would also make it easier to locate mobile equipment in a large building, such as a school, said AT&T.
Supplying students with RFID badges would help with daily attendance in schools and help the staff identify students who are absent by importing information in the student-information databases. The same could be applied to school visitors, especially to prevent them from entering unauthorized areas.
AT&T also said its system could aid in emergency situations, helping locate school staff to make sure that nobody is left in the building if evacuation were necessary.
One other application is the tracking of school buses to ensure student safety and help school districts route buses more efficiently. In this case, RFID readers and tracking devices would be placed on the buses to get location data.
AT&T would design, deploy, and manage the mobile devices and applications, the network, and data centers, in addition to the infrastructure that includes RFID readers, tags, data-collection servers, LANs, wireless LANs, firewalls, and routers.
By Elena Malykhina InformationWeek December 12, 2007 04:50 PM
AT&T (NYSE: T) on Wednesday began providing radio-frequency identification and GPS-based products and services that schools can use to track students, assets, visitors, and their staff.
AT&T's RFID application is designed to work in conjunction with GPS-based mobile resource management services, as well as the carrier's wireless data network and hosted applications.
With AT&T's offering, schools can track people or assets by placing Wi-Fi-based RFID tags on ID badges attached to equipment, bracelets, shirt pockets, or book bags. The mobile resource management system would then relay the location of the tagged person or asset over AT&T's wireless data network to a secure Web site portal. The data would be accessible by authorized personnel that have access to a Web browser.
Through the use of active RFID, meaning tags that send out a signal to broadcast their location, schools can potentially minimize theft of high-value equipment and assets like computers and lab equipment. It would also make it easier to locate mobile equipment in a large building, such as a school, said AT&T.
Supplying students with RFID badges would help with daily attendance in schools and help the staff identify students who are absent by importing information in the student-information databases. The same could be applied to school visitors, especially to prevent them from entering unauthorized areas.
AT&T also said its system could aid in emergency situations, helping locate school staff to make sure that nobody is left in the building if evacuation were necessary.
One other application is the tracking of school buses to ensure student safety and help school districts route buses more efficiently. In this case, RFID readers and tracking devices would be placed on the buses to get location data.
AT&T would design, deploy, and manage the mobile devices and applications, the network, and data centers, in addition to the infrastructure that includes RFID readers, tags, data-collection servers, LANs, wireless LANs, firewalls, and routers.
Insiders Remain Greatest Security Threat
Workers and other insiders admit to risky behavior -- like accessing corporate e-mail from Wi-Fi hot spots -- in a survey by security firm RSA.
By Thomas Claburn InformationWeek December 11, 2007 05:20 PM
The people inside an organization represent its greatest security risk.
That's according to a report (pdf) released on Monday by RSA, the security division of enterprise storage company EMC (NYSE: EMC).
RSA said that the survey was fielded in November and consisted of 126 of person-on-the-street interviews (using questionnaires) of government and corporate office workers in Boston and Washington, D.C.
"The findings of the survey underscore that the threat posed to data by well-meaning insiders -- employees, contractors, suppliers, partners, visitors and consultants who have physical and/or logical access to organizational assets -- greatly broadens that posed by malicious insiders who deliberately leak sensitive data for personal financial gain or other criminal purposes," the report states.
The recent 2007 SANS Top 20, a list of the year's most significant security risks, also noted that computer users tended to be the weakest link in the computer security chain.
What sort of risky behavior are office workers engaging in? Some 52% said they sometimes or frequently accessed work-related e-mail via a public computer, such as a might be found at a Internet cafe, hotel, or airport. And 56% sometimes or frequently accessed work-related e-mail through a wireless hotspot.
Asked, "Have you ever lost a laptop, smartphone and/or USB flash drive with corporate information on it?", 8% said they had.
And 63% of respondents indicated that they sometimes or frequently send corporate documents to a personal e-mail address in order to work on them at home.
While the RSA report suggests that additional security technology can mitigate these risks -- RSA is in the business of selling such things, after all -- it also acknowledges that the blame for users' disregarding security policies belongs in part with the creators of those policies.
"Organizations can mitigate this risk by developing information-centric policies that acknowledge and align with the needs and realities of the business," the report says. "Once such policies are in place, companies should constantly measure actual user behavior against established policy and use what they learn to inform smart policy changes that minimize risk and maximize business productivity. When security is as convenient as possible for end users, they are less likely to work around security policy."
And the fact is for many workers, corporate security policies are either not convenient or are poorly understood. About 35% of respondents said that they felt they needed to work around corporate security policies to get their jobs done.
Sam Curry, VP of product management at RSA, said that the survey respondents were "innocent people working hard to do their jobs" and risks arising from their willful or accidental contravention of corporate policy weren't the product of malice. "Security procedures need to be in touch with the realities of human behavior," he said.
Curry stressed the need for user education, to make workers aware of the consequence of their actions. And he also said that organizations needed tools to monitor employee behavior to understand the gaps between policy and worker behavior. "Organizations need visibility into how people actually behave," he said.
By Thomas Claburn InformationWeek December 11, 2007 05:20 PM
The people inside an organization represent its greatest security risk.
That's according to a report (pdf) released on Monday by RSA, the security division of enterprise storage company EMC (NYSE: EMC).
RSA said that the survey was fielded in November and consisted of 126 of person-on-the-street interviews (using questionnaires) of government and corporate office workers in Boston and Washington, D.C.
"The findings of the survey underscore that the threat posed to data by well-meaning insiders -- employees, contractors, suppliers, partners, visitors and consultants who have physical and/or logical access to organizational assets -- greatly broadens that posed by malicious insiders who deliberately leak sensitive data for personal financial gain or other criminal purposes," the report states.
The recent 2007 SANS Top 20, a list of the year's most significant security risks, also noted that computer users tended to be the weakest link in the computer security chain.
What sort of risky behavior are office workers engaging in? Some 52% said they sometimes or frequently accessed work-related e-mail via a public computer, such as a might be found at a Internet cafe, hotel, or airport. And 56% sometimes or frequently accessed work-related e-mail through a wireless hotspot.
Asked, "Have you ever lost a laptop, smartphone and/or USB flash drive with corporate information on it?", 8% said they had.
And 63% of respondents indicated that they sometimes or frequently send corporate documents to a personal e-mail address in order to work on them at home.
While the RSA report suggests that additional security technology can mitigate these risks -- RSA is in the business of selling such things, after all -- it also acknowledges that the blame for users' disregarding security policies belongs in part with the creators of those policies.
"Organizations can mitigate this risk by developing information-centric policies that acknowledge and align with the needs and realities of the business," the report says. "Once such policies are in place, companies should constantly measure actual user behavior against established policy and use what they learn to inform smart policy changes that minimize risk and maximize business productivity. When security is as convenient as possible for end users, they are less likely to work around security policy."
And the fact is for many workers, corporate security policies are either not convenient or are poorly understood. About 35% of respondents said that they felt they needed to work around corporate security policies to get their jobs done.
Sam Curry, VP of product management at RSA, said that the survey respondents were "innocent people working hard to do their jobs" and risks arising from their willful or accidental contravention of corporate policy weren't the product of malice. "Security procedures need to be in touch with the realities of human behavior," he said.
Curry stressed the need for user education, to make workers aware of the consequence of their actions. And he also said that organizations needed tools to monitor employee behavior to understand the gaps between policy and worker behavior. "Organizations need visibility into how people actually behave," he said.
Subscribe to:
Posts (Atom)
