Laptop Stolen – Or Did You Leave it in a Black Cab?

London taxi passengers have left more than 60,000 hand-held devices in the back of black cabs during the past six months, a survey has found. Some 55,843 mobile phones and 6,193 other devices, such as laptops, were forgotten, Credant Technologies found. This revelation calls into question the authenticity of claims by 15,000 visitors to London each year that their laptops have been stolen. After all, few employees would be brave enough to admit that they neglectfully left a laptop in a cab!

New devices - including mobiles, MP3 players and memory sticks - have the capacity to store tens of thousands of documents or pictures and millions of contacts and emails, making them a target for identity theft criminals and hackers.

A survey by credit reference agency Equifax in April suggested 16% of its customers stored PIN numbers on their mobile devices while 24% recorded birthday dates – making it easy for ID thieves to clone identities.

Investigations Challenges of the Future

As organisations become increasingly reliant on IT systems, the systems themselves often become the tools for, or the scene of, internal crimes. The investigative challenges for the regular security professional are challenging, to say the least. Do you take people with a strong investigative background, and train them in computer forensics - or do you take people who have strengths in computer forensics, and try to train them in investigative skills? This is one of the many problems addressed in an on-line article on CSO Online, entitled Investigations: Merge Ahead, which looks at how physical and digital investigations are increasingly merging.

The 2-day IT Security and Incident Response Course is an intensive programme intended for those whose role may in some way involve the detection and investigation of internal crimes committed against or using company IT systems. It provides a thorough understanding of the value of effective response measures in handling such incidents.

Delivered by Ed Wilding, author and practicing IT forensics investigator, the course is presented in non-technical language and, thus, is of great benefit to general security managers, consultants, investigators, line managers and IT staff. It combines theory-based lectures and discussions with a unique one-day investigative simulation.

The next programme is scheduled for 12-13 November 2008. For details click here.

http://www.arc-tc.com/pages/accredited_investigation.asp#f4

For the CSO online article, click here.
http://www.csoonline.com/article/448666/Investigations_Merge_Ahead?page=1

Al Qaeda Interested in Bombing Public Buildings

The Department of Homeland Security (DHS) has issued an analytical "note" to U.S. law-enforcement officials cautioning that al-Qaeda terrorists have in the past expressed interest in attacking public buildings using a dozen suicide bombers each carrying 20 kilograms of explosives. The intelligence is based on recently discovered information about Al Qaeda training sessions conducted some year ago, so there is no reason to assume the threat is specific to this time.

ARC Analytical Comment: The London bombings of 2005 demonstrated how suitably radicalized individuals, with limited technical skills, can manufacture home-made TATP high explosive devices using readily available ingredients. And there is no shortage of vulnerable “public” targets which can be attacked in this way. A reasonably strong person should be able to carry a load of 20kg in a backpack without raising suspicion, and would blend in very well in a tourist environment, such as a major European city.

The effect of detonation of such a charge in a confined space, such as the ground floor lobby of a building, would be significant. Although unlikely to cause building collapse, there would be major loss of life, damage and injury beyond the immediate area of detonation, and significant damage to building management systems. Building security services, which are often located in or near a lobby, would also be paralyzed. It is likely that the lobby would be unusable as an emergency escape route for surviving building occupants.

In addition to considering proactive antiterrorism measures, those responsible for building safety and security should consider the following reactive components of a facility terrorism emergency response plan:

1. Evacuation via non-planned routes
2. First aid and rescue capacity in the event of security staff being killed or injured
3. Dispersal upon evacuation, rather than assembly (assembly presents a target for a secondary suicide attacker)
4. Floor wardens trained and exercised in the above
5. Road and transportation (fire and ambulance) gridlock if several coordinated attacks are concentrated in one locality

Information Security Focus: Information Security Breaches Survey

Many of your countries already have personal identification cards, and there can be no doubt that they are a most useful element of a contiguous national security programme. However, there are many who see the collection and retention of personal information involved in identity card programmes as an infringement of civil rights and personal privacy. This report, from the UK’s Financial Times, illustrates the problems which can arise and the levels of public resistance to such initiatives – set against the background of several recent cases of loss of personal information by government departments.
FT Report 26 Sep 08

On a separate note, the UK Department for Business Enterprise and Regulatory Reform has recently published its annual Information Security Breaches Survey. This survey looks at a representative cross section of the business community and indicates their reported ability to deal with information and IT security breaches. Whilst the situation seems to be improving – there is a long way to go! Please email Phil if you would like a copy of this report.

Information security and related issues are discussed during Security Management Stage 1 – the next course is in November – go to the ARC Website, or contact Janet or any of the team for further information.

Kidnap Rescue and Response – A Success This Time

The recent kidnap and spectacular rescue of 11 Europeans by a combined special forces unit in Egypt has engendered media interests and reports worldwide. This, from the UK’s Times, is an example: Kidnap

However, the quotation from the report to note is: ‘A Sudanese official said that the hostages had been abandoned before the rescue mission was begun…’ For many hostages, the most critical time is when law enforcement agencies attempt rescue – it is at this stage where fatalities often occur. However, with some training and awareness, potential hostages could reduce their vulnerability considerably.

Kidnap response is covered during ARC’s Security Management Stage 3 Course, as a 1-day workshop or as a bespoke, in-house course. Contact Phil for details

Nuclear Terrorism Focus: Edging Closer to Catastrophe

The likelihood that terrorists will detonate a nuclear weapon poses the greatest risk to world security, surpassing proliferation threats from Iran and North Korea, according to a United Nations atomic chief.

“There is a lot of interest on the part of extremist groups to obtain nuclear material,'' Mohammed El Baradei, director-general of the International Atomic Energy Agency, said at a scientific forum on 30 September in Vienna during the annual conference of the 145 nations in the IAEA. ``It's the No. 1 security threat right now.'' Read about it here.

This latest assessment adds further weight to the general view that this threat is real and highly possible given a certain set of circumstances. Although most will ignore this threat because it is too terrible to contemplate, if you are informed about the effects of such attacks, your chances of business recovery may increase. ARC covers Protection Against Explosive Devices (PAED), CBRN, terrorism and business continuity (all issues related to this subject) during various course and workshops. Contact Janet or go to ARC's website for details.

Information Loss

Just as delegates attending the ARC Security Management Stage 1 programme in Delhi were highlighting the problems of information loss and the risks posed by uncontrolled portable media , the UK’s leading intelligence service, MI6, have provided a good illustrative example. One of their operatives allegedly sold a digital camera with classified images still held on the memory card!

‘Media reports said the Nikon digital camera was put up for sale on Internet trading site eBay and sold for just 17 pounds ($30.64). Its memory had names of al Qaeda members, fingerprints and suspects' academic records as well as pictures of rocket launchers and missiles, the Sun newspaper reported.’

So, if these crack international intelligence gatherers can get it so wrong, what are the chances of your organisation’s employees protecting all of your information adequately? Think about it – any gaps that you need to plug? Ask ARC Training for advice on how to control portable media.