OSC Guardian - Safety Advice

OSC GUARDIAN - SAFETY ADVICE
www.OramSecurity.com

Sunday, December 4, 2011

OSC Guardian - Safety Advice

Before your laptop is stolen, take preventive measures by adding tracking software. Visit these sites for information: www.sentryinc.com and www. computrace.com.

Monday, July 18, 2011

The Real Price of Virtual Kidnappings

This is very interesting and has the possibility of becoming a real threat herein the US.  
By Matthew Harwood
A man travels to Mexico on business. During his trip, his wife receives a call from her husband’s cell phone. Upon answering, she hears screaming. Then the voice of a stranger comes onto the phone, saying the screams were those of her husband, whom he has kidnapped. He demands a money transfer of $1,000 within five hours, adding that if he doesn’t get the payment, he will kill her husband. A few expletives are thrown in for emphasis.

Read More

There are ways to avoid being the victim of a virtual kidnapping scheme, say experts. One of the first and most important steps is to practice good cell-phone hygiene. Jaime Garcia, security manager for Mexico and Texas for the automotive parts maker Delphi, advises employees to go through their cell phones and eliminate any generic names.
 
“There should be no ‘home,’ ‘office,’ ‘babe,’ ‘honey,’ whatever,” he says. That way, a virtual kidnapper can’t just steal a phone and hit one of those contacts to make the ransom call. Garcia suggests that travelers clear their calling history daily so that a thief won’t be able to guess by the frequency of calls that a particular number is a loved one or an employer.
 
He also advises employees with the ability to password protect their cell phone or smartphone to do so. Virtual kidnappers can’t access phone numbers or personal information if they can’t get at it. And they need that type of information to carry out their scheme.

Wednesday, June 22, 2011

GAO Assesses Physical Security at General Aviation Airports

By Matthew Harwood

Lack of standardized physical security measures at general aviation airports across the country could allow intruders to commandeer planes, presenting a terrorism risk, according to a Government Accountability Office (GAO) report released yesterday (.pdf).
The GAO visited 13 general aviation airports--three of which also serviced commercial flights--and assessed how the airports' security measures prevent unauthorized access to the airport and its planes. Unlike commercial airports, general aviation airports are not required to implement a broad range of standardized physical security measures by the Transportation Security Administration (TSA). Rather TSA has provided general aviation airport operators voluntary security guidelines, but many operators have not bolstered physical security because of scarce resources.
During the GAO's assessment, its investigators did find that 12 of the 13 airports had perimeter protection. But half of those with some type of perimeter protection had fencing too close to impediments like greenery. "[A]t 6 of the airports fencing was partially bordered by bushes or trees or located next to a parking lot, which can obstruct surveillance or allow someone to scale or topple the fence," the GAO reports.
None of the ten exclusively general aviation airports had perimeter lighting, which the report says provides a real and psychological deterrent to intruders. Officials at some of those airports told the GAO that they didn't need perimeter lighting because street lights provided enough illumination. All 13 airports visited, however, did have lighting around hangars.
The ten general aviation airports also monitored for intrusions differently, generally preferring CCTV and on-site law enforcement or private security guards to integrated intrusion detection systems. (For a breakdown of the security measures at the airports, see the chart on the next page.)
"The results of our assessment are meant to illustrate the variation in physical security conditions at the selected airports," the GAO report explains. "Since TSA does not require the implementation of security measures for airports with only general aviation operations, our assessments are not meant to imply that any of the 13 airports we visited have failed to implement required security measures."
Three general aviation airports admitted that they have had instances of intruders gaining access to the airport. One airport reported that it had two planes removed or stolen from the airport without approval. The stolen airplane was recovered in Mexico.





The GAO letter to Congress accompanying the report notes that small airplanes taking off from general aviation airports do present a homeland security threat. The report points to Joseph Stack's February 2010 terrorist attack, in which he crashed a single-engine plane into an IRS building in Austin, Texas. Stack's suicide attack killed one IRS employee and injured many others.
Congress's watchdog also reminds members of Congress that larger airplanes taking off from general aviation airports present a 9-11-style threat as well. "Larger aircraft, such as midsized and larger business jets, could cause  catastrophic damage to structures and pose a greater risk if they are located near major metropolitan areas."
More than 200,000 aircraft--both large and small--operate at more than 19,000 general aviation facilities within the United States. General aviation is any aircraft that does not have a commercial, such as cargo and passenger planes, or military purpose. Most aircraft are owned by private individuals or businesses and operate "on demand," meaning their flights are rarely scheduled.
In response to the report, the Department of Homeland Security agreed with the GAO report but stressed that general aviation operators do not have the money to improve their security posture.
"TSA would also like to note that while most airports would readily implement the security measures recommended by TSA, they are unable to put additional security measures in place primarily because of a lack of funding," wrote DHS's Jim H. Crumpacker, director of the Departmental GAO/OIG Liaison Office.

Friday, June 3, 2011

NYC Hotel to Buy 'Panic Buttons' for Housekeepers


Associated Press (06/01/11)

New York City's Pierre Hotel is promising to purchase "panic buttons" for its staff and begin sexual harassment training for all employees following the alleged sexual assault of a housekeeper on May 29. According to authorities, Mahmoud Abdel Salam Omar, a businessman and the former chairman of a large Egyptian bank, locked the housekeeper in a room at the hotel and sexually assaulted her. Omar has denied the charges against him. As a result of the alleged attack, housekeepers at The Pierre Hotel will now be given wireless devices to alert hotel management if they are assaulted. New York City's Sofitel Hotel, which was the scene of last month's alleged sexual assault of a housekeeper by former International Monetary Fund leader Dominique Strauss-Kahn, has also promised to issue the devices to its housekeepers. In addition, the New York Hotel and Motel Trades Council has said that it will push for the devices in its contract negotiations with 150 hotels in 2012. However, hotel security expert Anthony Roman said that panic buttons are not a panacea and that they come with their own set of complications. Roman said the devices must be small and inconspicuous so the attacker cannot remove them easily. They must also have a locating feature that works indoors so that security can find an employee in distress.

Thursday, June 2, 2011

Cyber Attacks Deemed an Act of War

The Pentagon for the first time has declared that cyber attacks originating in other countries are an act of war, which clears the path for a military response, according to The Wall Street Journal.
In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," said a military official.
Recent attacks on the Pentagon's own systems—as well as the sabotaging of Iran's nuclear program via the Stuxnet computer worm—have given new urgency to U.S. efforts to develop a more formalized approach to cyber attacks. A key moment occurred in 2008, when at least one U.S. military computer system was penetrated. This weekend Lockheed Martin, a major military contractor, acknowledged that it had been the victim of an infiltration, while playing down its impact.
The categorization will come as a part of the Pentagon's first formal cyber strategy. The Journal reports that the unclassified segments of this document will become available next month.
There are some questions that the article brings up, such as the difficulties of determining the origin of a cyber attack, and how it will be determined that an attack is extensive enough to warrant action.
According to the Journal, "The move to formalize the Pentagon's thinking was borne of the military's realization the U.S. has been slow to build up defenses against these kinds of attacks, even as civilian and military infrastructure has grown more dependent on the Internet."
The United States is not merely a victim of computer attacks; there is also speculation the the U.S. assisted in developing Stuxnet, which attacked some of Iran's nuclear facilities.

Tuesday, May 17, 2011

The thin Blue Line suffered more losses in 2010 than 2009.

The FBI releases its statistics for police officers feloniously killed in the line of duty last year. "According to preliminary statistics released today by the FBI, 56 of our nation’s law enforcement officers were feloniously killed in the line of duty during 2010," according to the press release. "By region, 22 victims were killed in the South, 18 in the West, 10 in the Midwest, three in the Northeast, and three in Puerto Rico. The total number of officers feloniously killed in 2010 was eight more than the 48 officers slain in 2009."

Are we getting our moneys worth from Homeland Security?

Officials from the Department of Homeland Security spend too much of their time answering to too many congressional committees. "The department, cobbled together quickly out of 22 other agencies after the Sept. 11, 2001, terror attacks, answers to 108 congressional committees, subcommittees, caucuses and the like, about four times as many as the departments of State and Justice combined," reports the Associated Press. "Officials and staff spent about 66 work years responding to questions from Congress in 2009 alone. That same year, Homeland Security officials say they answered 11,680 letters, gave 2,058 briefings and sent 232 witnesses to 166 hearings. All this at a cost to taxpayers of about $10 million."

Monday, May 16, 2011

New Security Enhancements at Facebook

Facebook announced several security enhancements last week including a new two-factor authentication system and a partnership with a service that can help users avoid clicking on risky or malicious links.
With the optional new Login Approvals service, users will be required to enter an additional code, sent to them via text message, when logging in from a new or unrecognized computer or device. Once the code is entered, users then have the option to save the device to their account so that it no longer requires additional authentication, according to a Facebook blog announcing the new measures.
Users will also see when attempts have been made to access their account from an unrecognized device, but no code was entered, according to the post. If users don’t recognize the login attempt, they’ll be able to change their password “with the knowledge that while someone else may have known [the] login credentials, he or she was unable to access your account.” Login Approvals can be enabled through the “Account Security” section of the account settings page, according to the post.
One aim of the new service was to balance security and usability, according to a separate Facebook blog post. Two-factor authentication sometimes requires users to download applications or to purchase physical tokens, it states. “These are good approaches, and we're considering incorporating them in the future, but they require a lot from the user before being able to turn on the feature. To have the biggest impact and provide this added security to the most people, we decided on SMS.”
Facebook also announced a partnership with Web of Trust (WOT), which ranks Web sites based on feedback provided by WOT community members. The tool, which contains rankings of millions of sites, can help reduce the risk of phishing, spam, scams, and other threats, according to the Facebook post announcing the security enhancements.
Facebook already has a system that automatically scans links to determine whether the Web sites associated with the links are “spammy” or contain malware, according to the post. In the coming months, the company will “increase [its] coverage even more by working with other industry leaders.”

Wednesday, May 11, 2011

Lone Wold Terrorists threat to US.

♦ A joint U.S. Department of Homeland Security/FBI bulletin sent to state and local law enforcement agencies says that lone individuals who favor al-Qaida's extremest ideology are most likely to attack inside the United states in the short-term. The bulletin warns that these individuals are "unburdened by organizational constraints that can slow operational decisions by established terrorist groups," says CNN. The bulletin asks local law enforcement to be especially watchful for suspicious activity.
♦ A new report from the Institute for Homeland Security Solutions at RTI International reveals that while it may be the lone wolves who are most likely to attack, it's the average Joes who are most likely to stop them. Researchers from the Institute for Homeland Security Solutions and the RAND Corporation analyzed 68 potential cases of terrorism in the United States from 1999 to 2009.The findings included that "the general public helped foil nearly a third of those attacks, largely by tipping off law enforcement officers. The tips were of a substantial nature; people noticed genuinely threatening actions that many citizens would not see."

Monday, May 9, 2011

Americans’ security concerns rose again this year.

Americans’ security concerns rose again this year with fears over terrorism and identity theft topping the list. In the U.S. Unisys Security Index, anxiety over security was at its highest level since the survey began in 2007. National security is the main worry with two-thirds of Americans seriously concerned over war and terrorism. However, the safety of infrastructure is also an issue. Approximately 59 percent of those surveyed were seriously concerned about the bridges, power plants, and pipelines.