Shops Make It Easy for Thieves, Report Alleges

A new report revealing the habits of shoplifters has found that stores actually make it easier for them to steal, according to Martin Gill, former Professor of Criminology at the University of Leicester. Shoplifters across three continents have been filmed by academic researchers for the first time as they recreated their crimes.

The report focussed particular attention on what is called the “decision circle”, the six key stages at which thieves make decisions about their stealing: 1. Choosing the store; 2. Entering the store; 3. Locating the product; 4. Concealing the product; 5. Leaving the store; 6. Disposing of the goods.

ARC Training plans to launch a Retail Security Course in 2008. For details and a full copy of Professor Gill’s report, contact David.

More Attacks "in the Pipeline"

Yemeni security officials said they arrested two men in June suspected of al-Qaeda links who confessed to a recent attack on an oil pipeline near the port city of Aden. The men tried unsuccessfully to blow up the pipeline with TNT, Yemeni officials reported, speaking on condition of anonymity according to government policy.

Pipelines are a preferred target of terrorists and insurgents. In Colombia, terrorist groups, primarily the Revolutionary Armed Forces of Colombia (FARC) and the National Liberation Army (ELN,) have attacked the 480-mile Cano Limon-Covenas oil pipeline so many times that it became known as “the flute.”

Recently, three men were arrested in the US on charges of plotting to blow up buildings, fuel tanks and pipelines at JFK Airport, New York. One particular pipeline that came under specific scrutiny from the would-be attackers was the 65 km fuel pipeline from New Jersey to the airport.

Pipeline security will be one of the subjects covered in ARC Training’s new Protecting Critical National Infrastructure Course, currently under development and due for “roll out” in 2008.

Hackers Target Corporate Executives and Their Families

Criminals are stepping up their attacks against corporate networks by targeting selected corporate executives and family members' personal emails accounts in an attempt to trick them into opening emails with MS Word file attachments containing hidden spyware.

Many of the e-mails contain the name and title of the executive in the subject line, as well as a malicious Microsoft Word document containing executable code. The hackers are trying to trick the victim into thinking the messages comes from someone they know, in the hope that the victim will willingly install, for example, a program that can record keystrokes.

For more information on this story click on:

http://www.infoworld.com/article/07/07/02/hackers-target-execs_1.html

IT security will be a key feature of ARC's new IT Security and Incident Response Course, 9-10 October, conducted by IT investigations expert, author and radio commentator Ed Wilding.

Cyber Terrorism Attack on UK CNI Within 5 Years, Warns BP

A cyber terrorism attack on the UK infrastructure will happen in the next five years, according to Rob Martin, the Digital Security Services Manager at BP, speaking at the opening of Symantec’s Security Operations Centre on 21 June.

“I believe cyber terrorism has been over-hyped over the past couple of years,” he said. “But the terrorists will look for gaps in the corporate network to exploit and we need to develop the technology to close these holes and prevent an atrocity.” Martin admitted that the energy industry is an attractive target to the extremists, because of the potential to cause harm to and disrupt the lives of millions of people.

BP, working collaboratively with government bodies, will develop technology to protect the organisation and the national infrastructure against a cyber terrorism attack over the next few years, said Rob Martin.

Much best practice on protecting national infrastructure against this type of attack can be found on the website of MI5’s Centre for the Protection of National Infrastructure, which is dedicated to protecting UK CNI (Critical National Infrastructure) against both electronic and physical attack:

http://www.cpni.gov.uk/

Further detailed information on how to secure SCADA can be obtained by emailing David.

IT-based attacks against CNI SCADA (Supervisory Control and Data Acquisition Systems) will be one of the subjects in ARC Training’s new Protecting Critical National Infrastructure Course, currently under development and due for “roll out” in 2008.

New "Specifying Security Technology" Course to Address Developments in CCTV

A new CCTV system is being installed in some of the UK’s busiest stations, including Clapham Junction and Paddington Station, to protect against crimes such as terrorism, criminal damage and other acts of violence.

The system uses advanced hi-tech monitoring technology, known as video analytics, to judge behaviour and it is expected that twenty percent all CCTV cameras in the UK will be connected to the system within the next three years.

Video analytics will be one of many subjects to be addressed on the new Specifying Security Technology Course, currently being developed by ARC Training and set for “roll out” in 2008.

For more information on this emerging technology go to:

http://www.videoanalytics.org/pages/news.htm

UK Airports Remain a Soft Target for Suicide Terrorists

The recent attack on Glasgow Airport has reignited the debate about airport security, with some commentators drawing attention to the fact that contract guards on “front-line” duty at airports are often no better paid than cleaners.

Among increased security measures being suggested are establishing perimeter checkpoints, creating greater space between vehicles and buildings (stand off) and barrier-controlled access to drop-off zones.

Of particular vulnerability is the check-in and departures zone, where inefficient passenger management systems at UK airports frequently compel economy class travellers to form in back-to-back queues, creating an easy target for a pedestrian suicide bomber. Furthermore, UK airports, unlike many airports in the rest of the world, have no means of controlling pedestrian access into terminals.

Stop Information Leaks, FSA Warns

The UK’s Financial Services Authority (FSA) has told City firms to tighten up their controls to stop the leak of inside information before takeovers. The FSA said combating "market abuse" was a top priority. Concluding its six-month review of inside information, it said some firms were complacent and should screen staff and advisers more rigorously. According to the report the leak of inside information fell into three categories: accidental leaks, deliberate leaks to the media to gain some sort of strategic advantage, and leaks that led to insider trading. The FSA highlighted the fact that computer systems at firms involved in deals were far from secure.

Investigating information leaks is one of many subjects addressed on Security Management Stage 3, which runs 24th September – 5th October.