Sunday, October 7, 2007

Guidance on How to Protect Buildings against Chemical, Biological and Radiological Attacks

ARC Training now has a number of publications designed to help you make better informed decisions about protecting buildings against the perceived increased terrorist threat of CBR (Chemical, Biological and Radiological) weapons.

Four of the best are as follows:

1. Building Retrofits for Increased Protection Against Airborne Chemical and Biological Releases (DHS 2007)

2. Assessing the threat of terrorist use of chemical, biological, radiological and nuclear weapons in the United Kingdom (Royal Institute of International Affairs – Chatham House, UK, 2007)

3. Procedures for Designing Airborne Chemical, Biological, and Radiological Protection for Buildings (US DoD, 2005)

4. Guidance for Protecting Building Environments from Airborne Chemical, Biological, or Radiological Attacks (US CDC, 2002)

To obtain copies contact David.

Posted by at

The Hidden Dangers of Offshore Outsourcing

The economic imperative has driven businesses in recent years to embrace offshore outsourcing. This practice is particularly prevalent in the areas of IT services and customer interfaces (call centres).

A recent report by the Australian Government Institute of Criminology entitled Future Directions in Technology-Enabled Crime, 2007-09 highlights some of the hidden dangers of this, if security implications are not recently managed.

Delegates attending the recent Security Management Stage 3 Course at ARC Training we reminded of the need to carry out thorough due diligence as part of the offshore outsourcing. The SM3 session, entitled IT Security – the Next Five Years, pointed out two exposures identified in the report, which were of particular concern when offshore outsourcing to developing countries:

(i) Immaturity of national IT security legislative frameworks

(ii) Ability (or intention) of state intelligence services to penetrate the venture with the aim of capturing proprietary data.

A full copy of the report can be obtained from:


The next Security Management Stage 3 Course will take place in Dhaka, Bangladesh, 2-13 December 2007. For details contact David or Janet.
Posted by at

Public Information Can Aid Terrorists, Says Rand Report

The Rand Corporation has recently conducted an investigation to determine how much data regarding U.S. anti- and counterterrorism systems, countermeasures, and defenses are publicly available and could be found by individuals seeking to harm U.S. domestic interests. The study focused on information that would be freely accessible through Web search and review of library materials.

Using the U.S. Army's modified intelligence preparation of the battlefield (ModIPB), a red-team of analysts—those who role-play the job of the terrorists—were able to find information making it easier to carry out a terrorist attack against air, rail, and sea infrastructure targets, concludes the report.

The full report can be downloaded from:

http://www.rand.org/pubs/technical_reports/2007/RAND_TR360.pdf

Security managers are warned to check their company websites regularly to ensure that information posted there could not be of potential use to terrorists, either in sowing the seed of an idea for an attack, or providing useful information to make a successful attack more likely.
Posted by at

Confirmed - We Live in a Surveillance Society!

“We live in a surveillance society. It is pointless to talk about surveillance society in the future tense. In all the rich countries of the world everyday life is suffused with surveillance encounters, not merely from dawn to dusk but 24/7. It is not just that CCTV may capture our image several hundred times a day or that check-out clerks want to see our loyalty cards in the supermarket. It is that these systems represent a basic, complex infrastructure which assumes that gathering and processing personal data is vital to contemporary living.

Today’s surveillance processes and practices bespeak a world where we know we’re not really trusted. Surveillance fosters suspicion. The employer who installs keystroke monitors at workstations, or GPS devices in service vehicles is saying that they do not trust their employees. And when parents start to use webcams and GPS systems to check on their teenagers’ activities, they are saying they don’t trust them either. Some of this, you object, may seem like simple prudence. But how far can this go?”

Not ARC's words - These are the summary findings of a 2006 “Report on the Surveillance Society” by the Surveillance Studies Network:

http://www.surveillance-studies.net/

The report is essential reading if you are undertaking a post-course essay which covers surveillance in any of its many manifestations.
Posted by at

Video Shows Hacker Hit on US Power Grid

A video released by the Idaho National Laboratory shows the possible result of hackers attacking industrial electrical turbines, an effort to warn policy makers of the risks facing the U.S. electrical grid.

The video shows hackers triggering commands that cause the turbine to violently shake, causing pieces to fly off and smoke to come out, eventually shutting down power. The test was conducted in the spring by researchers looking for vulnerability in supervisory control and data acquisition systems. Although the flaw has already been fixed, researchers hope that the video will help officials realise the need for upgraded security.

The Department of Homeland Security is working with the industry to improve security, but security experts acknowledge that the electrical and nuclear power infrastructure was designed using old technology that did not consider security a large concern.

The video can be found on You Tube at:


SCADA vulnerability was recently discussed in the “IT Security Future” session by delegates attending the Security Management Stage 3 Course.
Posted by at

Thermal Imaging Cameras - A Case Study

An earlier blog story reported on how thermal imaging cameras can enhance security of large sites, such as airfields, allowing for the identification of suspicious activity at a distance of many hundreds of metres. A particular beneficial attribute of thermal imagaing cameras is their ability to penetrate forested areas and see through light fog, rain and smoke.

Thermal imaging cameras were also essential in ensuring the security of this year’s G8 Summit in Germany. The G8 installation included eleven daylight cameras mounted on a Pan/Tilt mechanism, twenty-two FLIR Systems SR-35 thermal imaging cameras and 8 mobile FLIR Systems FlashSight thermal imaging cameras. The system was backed up by over 3,200 metres of sensor wires in the surrounding forest soil.

The twenty-two FLIR Systems SR-35 thermal imaging cameras were installed along the security fence at 400m intervals. They were securing the area in front of the fence and were making sure that no one could approach the fence, or even worse climb it. The thermal imaging cameras overlooked the area 24 hours a day. The SR-35 can detect a human being at a distance of over 500 metres.

The eight FLIR Systems FlashSight handheld thermal cameras were carried by the police when they were patrolling the fence or other secured areas. The FlashSight is a portable thermal imaging camera. Weighing less than 1 kg, it is ideal for go-anywhere operations. It can be used for over 7 hours running on only 4 standard AA lithium batteries.

The use of thermal imaging cameras is included in the syllabus of the new Specifying Security Technology Course, 21 - 25 July 2008.
Posted by at

Negligent Failure to Security Plan and Somebody Gets Killed?

Do you want to understand your obligations (and potential exposures!) under the new Corporate Manslaughter and Homicide Act 2007 in this increasingly litigious society?

Download the full act from:

http://www.opsi.gov.uk/acts/acts2007/pdf/ukpga_20070019_en.pdf
Posted by at
Subscribe to: Posts (Atom)