Morning Security Brief: Cyber Threats, Expedited Airport Screening, and More

By Ann Longmore-Etheridge

►ZDNet reports that the U.S. Department of Homeland Security is warning of "a serious threat to networking devices, such as scanners, printers, computers, and routers. It comes only a few hours after a white paper was released by security researchers at Rapid7, which claimed that approximately 40 to 50 million devices worldwide are vulnerable to infiltration by hackers as a result of a flaw in a networking protocol."

The problem is with Universal Plug and Play (UPnP), which lets devices that connect to networks communicate and discover each other's presence. DHS is "concerned that the vulnerability could impact millions of machines, and warns users to update their software or disable UPnP altogether," the article notes.

►Homeland Security Secretary Janet Napolitano used a speech at Washington, D.C., think tank the Woodrow Wilson Center,to address the possibility of a "cyber 9-11." Sectors of the privately owned U.S. infrastructure, she said, are highly vulnerable, she said, and she urged Congress to pass cyber security legislation that would help to mitigate any future cyber attack.

►In the same Wilson Center speech, reports, Napolitano also stated that "the goal of TSA to make half of the U.S. population eligible for expedited screening within two years' time." Toward that goal, the TSA "held an industry day to explore the possibility of using commercial data to prescreen air passengers and thus speed their physical screening at U.S. airports. The TSA has been putting trusted travelers through expedited screening through its PreCheck program but the agency is now seeking ways to expand the population of travelers eligible for faster and lighter screening."

►"A new International Business Machines Corp. security tool uses Big Data to help CIOs detect internal and external security threats in new ways—and can even scan email and social media to flag apparently 'disgruntled' employees who might be inclined to reveal company secrets," says the Wall Street Journal. It does so by analyzing e-mails, financial transactions, and website traffic to detect patterns of security threats and fraud.

►Elsewhere in the news, Niger, which is next to Mali, agrees to let U.S. have surveillance drones fly from there, reports CNN. the Bayoubuzz reports on the U.S. Coast Guard's Super Bowl security plan, which it has begun to implement, and a GAO report finds that the Pentagon still isn't doing enough to address the military's sexual abuse problem, especially with regard to protecting the victim's right to confidentiality in seeking medical treatment, reports Danger Room.




View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.