Morning Security Brief: DHS Pinpoints Sochi Threats and Target Hacked Through HVAC Company
By Lilly Chapa
►The Department of Homeland Security has been busy pinpointing possible security threats at the Sochi Olympic Games, which begin tonight. In a series of security bulletins issued within the past 24 hours, DHS has warned of cyberthreats and bomb-smuggling tactics to look out for. Terrorists could try to conceal explosives in toothpaste or cosmetic tubes on Russian-bound flights, the DHS warned global airlines. Although there is no known threat to the United States, the warning is based on new intelligence information, an official told news outlets. “It’s real and we’ve got very good information,” the official said. “It’s based on a credible source. We’re taking it seriously. So are other countries." ►DHS also warned companies supporting the Sochi Olympics that their Web sites could be used by hacktivists to spread their own propaganda. Anyone attending the games will likely have their communications monitored, and hackers may try to spread malware to global audiences, the bulletin warned. The alert came after a denial of service attack was launched on official Olympic Web sites. DHS is keeping an eye on the group Anonymous Caucasus, which has already begun rallying members on social media sites to take action against Olympic-related sites. ►The intrusion into Target’s systems seems to have stemmed from network credentials stolen from a refrigeration, heating, and air conditioning subcontractor that has worked at a number of Target locations. Investigators have traced the increasingly-complex trail to Fazio Mechanical Services, a Pennsylvania-based HVAC company that also works for Trader Joe’s and Whole Foods locations. However, it’s not clear why Target gave an HVAC company access to its external networks. Investigators have also revealed that on Thanksgiving, hackers uploaded the card-stealing software to a small number of cash registers in Target stores to make sure the malware was working as designed. After two days of the controlled tests, the attackers pushed the malware to a majority of the company’s point-of-sale devices.
By Jeffrey C. Price and Jeffrey S. Forrest; Reviewed by Paul Stanley, CPP
Authors Jeffrey Price and Jeffrey Forrest begin the second edition of their well-regarded aviation security textbook with the reflection that: “9-11 will go down in history as a day that changed the way we live.” They then expand on placing it in the context of the 83-year history of threats and actions aimed at aviation.
Some may not recall airports before 9-11, and even those who do may not be familiar with how we got from there to where we are now. Billie Vincent explains how in Bombers, Hijackers, Body Scanners, and Jihadists and makes some informed projections regarding where we might be headed in the future