Morning Security Brief: Infrastructure Vulnerability, Fake Inspectors, and More

By Carlton Purvis

►Don Bailey, a security consultant with iSec Partners, will give a demo next week at the Black Hat Technology Security Conference on an exploit that can do everything from unlock cars to knock out power grids. Because certain devices are all connected to public phone networks, it makes them easier to compromise enabling manipulation of supervisory control and data acquisition systems. “Bailey and his fellow researchers took a look at devices that are attached to phone networks for the purpose of receiving control messages,” Network World reports. Through reverse engineering they were able to control these devices by sending messages. Bailey has briefed DHS on the issue and contacted vendors to notify them of product vulnerabilities.

►A NASDAQ executive said the company is constantly under attack from hackers. It plans to spend more that $20 million more on security this year than initially planned. “You can throw as much money as you want against something like this, but as we looked at the level of attacks that have been experienced really across the industry...we decided it was appropriate for us to up the amount of resources," he told Reuters.”

►Oklahoma officials are asking that an 80-mile stretch be designated a corridor for drone, or UAV, activity exclusively in order to spur business development and encourage relocation of existing projects. (UAV stands for unmanned aerial vehicles.) “If approved, the air corridor would be the first civil airspace in the country where unmanned aircraft could be flown without prior FAA permission,” Talking Points Memo reports. “The proposed air corridor will enable more research and testing activity to demonstrate that unmanned aircraft can be operated safely in the National Airspace System and to also enable the continued development of technology to improve the safety of all types of aviation,” one developer said of the proposal.

►The Los Angeles City Council voted to get rid of red light cameras at intersections saying they cost more than they were bringing in and that they didn’t increase safety at intersections. Since 2004, the cameras have caught 180,000 drivers breaking the law, but only 60 percent of them ever paid their tickets, CBS News reports. The city was losing $1.5 million a year. Council members unanimously agreed that it was time for the cameras to go. "We want safe intersections, but there's not any data that proves this was making these intersections any safer,” Eric Garcetti, president of the Los Angeles City Council said.

►Also in the news, TSA and the Federal Railroad Administration are warning against fake officials showing up at rail yards after two men claiming to be from the Federal Railroad Administration showed up at railroad facilities for “inspections” and to supervise railroad activities; the pair left promptly when asked for credentials. ⇒And a report by Miller-Mcune says even after exonerations, many police departments still lack eyewitness standards.




View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.