Sunday, December 16, 2012

SandyHook Security Policy | Newtown School Shooting | WTNH.com Connecticut

SandyHook Security Policy | Newtown School Shooting | WTNH.com Connecticut



Sandy Hook school staff and administrators did everything they could security-wise, from plans to systems to procedures to drills. But a determined attacker willing to die will sometimes get through. At that point security is about response and mitigation.

Credit needs to go to those teachers who responded quickly and correctly to the crisis, and kept their students out of harm's way. In addition, emergency response to these types of events has come a long way since Columbine. 

The perpetrators of these crimes will always seek out the softer targets, so our security awareness will need to raised in more and more areas - places where we may be unaccustomed to it. Vigilance and knowing what to do in these situations is key. 

Trent Higareda
CTI Consulting
301-528-8591 Office

Monday, December 10, 2012

Nearly two-dozen bugs easily found in critical infrastructure software - CSO Online - Security and Risk

Nearly two-dozen bugs easily found in critical infrastructure software - CSO Online - Security and Risk

This is going to be the biggest problem for the US for the next 5 years or more.  The stuxnet and it's cousins where developed by the US and others, but the cat is out of the bag.  These SCADA systems only need small very easy to make and change commands to cause immense damage.  The key is the insertion systems used, and they are getting very sophisticated.

Internet hookups where the first, biggest, and still most used insertion tactic.  Then some really did go to the point of securing the internet, by unhooking completely.  This caused a shift to Flash drive insertions, and this is apparently how the Iran Nuclear system was infiltrated.  Ah but a lot of folks are really locking down flash drives so they are not as big of a problem as before.

Now the big move is to cell phones, and any other blue tooth or wifi enabled device.  There are still a lot of targeted attacks going on, but there are also becoming more and more attacks that are just broad shotgun style like the bot attacks we see on the internet.

The key is to just get the tool for insertion started by the broad attacks and then when you need to really to move the attack forward you look for a system that has been compromised by the broad attack.  For the teams that started the attack, it works very well, but more and more other attackers are finding that they can look for the compromised systems and then exploit them.  Some say the Chinese are doing this to US broad attacks in the Mid East.  But the documented attacks are organized and not so organized crime teams hitting anything they can.

SCADA systems are known for using PLC's or Programmed Logic Controllers. These PLC's run everything from access controls for gates, everything from Airports to Prisons, to valve controllers used in everything from Nuclear Power Plants, to Water and Waste Water Plants.  Some of these attacks are out there just waiting for a chance to operate. The original attack targets are long in the past, now these code bombs are just moving around the world waiting for the chance to infect something.

Some criminal types have recognized this and have tried and sometimes have been successful in extorting money from agencies and authorities even though they did not start the attacks, or even know how to stop the attacks.

We should be in for a long hunt and many problems over the next years.  That is what is already out there, others are being developed everyday.

Rich


Friday, October 12, 2012

Growing Prevalence of Industrial Espionage Threaten Automakers

iMotorTimes - Growing Prevalence of Industrial Espionage Threaten Automakers - iMotor Times

Espionage is still the fastest way to play catch up, from when a US agent stole the secret to machine weaving  from the English to catch up on the fabric market, to the Japanese sending over tourists with near photographic memory to tour our steel mills.

Russia took the Concorde specifications to make their own supersonic transport plane, China went thru Israel to get the Silk Worm missile the US had designed.  Catch up is always involved with espionage, and the more competition heats up, the more value to the target info.

Now it is cars, and fighter jets, but add to that software for specialty manufacturing like one hour optometrists to finished eye wear companies.  The machines are pretty much the same for all the competitors  the products are pretty much the same, so the edge is in the software process of getting from eye exam to finished product.

Just finding out who is going to come out with the next product is a great espionage task.  If store x is going to bet heavy on pink purses this year, store y wants to know, so it can get orders in before they are all gone.  Even who is going to run a series of ad's on some product is great espionage fodder, if you know Z is going to advertise a product or certain strengths of a product, then company W is going to want to cash in on the advertising blitz with their own version of the product.

So all this means the Counter Espionage business is starting to grow again.  CTI started in the mid 80's doing counter espionage work all over the world, hence our full name Counter Technology Inc.  Our Government had me teaching counter espionage agents from selected countries that we knew had been targeted by other not so friendly countries.

Russia was the biggest espionage group out there, but followed quickly by France, Germany, (both of them), Israel, Japan, all had programs that not only helped the Governments, but also select corporations in the country.

Everything is up for grabs, in the late 80's early 90's CTI would work against other teams, who where hired by takeover specialists to get inside information on what companies where ripe for the pickings.  I think we worked almost every major corporate takeover back then.

Two things are making this time different from the others, one is computers are the main thrust of all espionage attacks, and two with the national boarders graying due to globalization often recruiting insiders is all to easy.  Although I must say on the corporate take overs, we almost always found an insider helping the opposition.

Law's are stricter in some cases, and jail time is a real possibility for insiders, which never used to be the case, back in the 80's, but the rewards are huge next to what it used to be.

I do not see Espionage dying down anytime soon, and there is a curious trend developing, more voice and telephone tapping are being done.  It seems we have come full circle, many attackers want to hear what the other is doing instead of just stealing the data.  I am not sure it will continue, everyone still likes the smoking gun effect of a PDF file (in the old days it was a Fax copy) that has the letter head and signature of the guy you are attacking.

I remember having the eves-dropping transmitter in my hands, with quite possibly the attackers fingerprints on it, and not being able to get the Law Enforcement of any level, Federal, State, or Local to prosecute  even to take the evidence.  Now days, just the hint can get some attention, it still has to be big enough to draw the press, but it is a lot easier, ,,, I understand.

Things change but Espionage is still a big factor, someone somewhere wants to know what you know, and will pay someone to get it.


Wednesday, October 10, 2012

Benghazi Attack , some thoughts, may not go over very well

State Department Throws Hillary And Obama Under The Bus, Denies Ever Concluding Movie Protest Led To Benghazi Attack « Pat Dollard

I understand it is fashionable for republicans like me to move the Benghazi Attack into a Political Event.

First may I point out some folks, very good folks, lost their lives that night, and that is something that I and I hope you mourn as a great loss to all of us and our country and the families and friends of the people that died.

Second, we do not know all the facts about this incident yet, and may I say, some very good people are making some assumptions that, while possibly true, may not reflect the way things happen.  If it went as I think it possibly did, then the lives of the two former Seal's rest on the actions of a Diplomat that was doing what he thought was right, and bet wrong.  The two Seal's may have come into a situation that was out of control before they could ever act.  If that happen then the weight of the souls of those two men, probably weighs very heavy on the soul of the diplomat.

From my limited, very limited experience, I have been in situations that were against all US security regulations as set by State SY.  I was a civilian working for an NGO under a US Aid contract.  I first went into the situation with a full contingent of local security in two pickup trucks leading and following our car.  This is some 10 men with AK-47's bouncing around some rough roads, with at least 4 in each truck hanging on to a metal frame in the back of little Datsun Pickup trucks.

It drew a lot of attention, many of whom where not supporters of my security team, making me more of a target than I felt I may have been with out them.

I avoided my security team, from then on when in the situation, and moved in a more low profile mode, relying on my sponsors to keep us out of trouble, which for the most part they did.

So I guess the first comment is the Ambassador may have opted to be a little lower key, and felt the risk was lower with a lower profile.

My second comment is that if local security is the option, you have to worry about their training, you have to worry about the people local who do not like the team that is your security.  In Benghazi right now, picking the right side is very difficult, so the Ambassador may have decided to once again think he was better off with a lower profile.

Going further as my situation got worse, I was advised to not to go into it, and finally a deal was reached for me to enter via another route, but with the stipulation that I wear a armored vest.  I had to call into the area, and ask if it was going to be a problem for me to wear a vest into the compound.  I was told yes, as long as I did not feel I had to wear it when there, an agreement was reached.

I say all this for my final comment on this issue for now, when you are in an area that you are out numbered by a group that is perhaps on your side at the moment, but could be against you in a second, and worse, the group on your side, is much smaller than the group that has said they want to kill you if you get out of line.  In situations like this, security is great, but in the end it is up to the people around you if you live or not.  Those people are not US security they are the people of the area, so anyone with me would have been in as much danger or even more than I.  Hence, it was my call, if it was a bad call, your only hope is no one is hurt trying to protect you in a situation like that.

Which is why I started this out with if the two former Seal's came into a situation like this because a decision the Ambassador made, his soul is probably weighed down by the lives of the brave men that came in to save him.

Ambassadors, and other State Department people make calls like this every day in this world.  Yes there are rules that they are supposed to follow, but at times they may feel the risk, is worth the effort to keep the USA the positive power in the world it is.  We all owe them a lot, and my prayers are for the 4 brave souls that died in this incident.

But remember I could be all wrong here, the investigation will have to continue, and books on the subject will have to be written.

Rich

Friday, August 17, 2012

Indictments in University of Pittsburgh bomb threats turn up alleged Scottish terrorist | Government Security News

Indictments in University of Pittsburgh bomb threats turn up alleged Scottish terrorist | Government Security News


There are a number of points here that we can learn from and that point to a growing problem that we need to deal with.

One we need to develop a response plan, on the line of our phone threat plan.

Two, we need to set protocols like we do for bomb threats by phone at airports, before we react, or quite possibly over react.


Three, we need to report this, as a consultant let me assure all of you reading this, that you (if you have received a threat by email) are not the only one. We need to realize that others are getting this type of threat as well.  Email extortion, is almost at an epidemic proportion at this time.  Bomb threats, are just another expanded issue.  Threats to shut down systems, or steal information are the two most used.


The threats are working, millions of dollars have been paid, most with out any real valid threat, and as the bad guys figure out that it does work, the more are using it.  A big part of the problem is no one, wants to report the threat, so bogus threats are expanding, when if we did report them, it would quickly be determined which ones are valid or not.


On the other side, if you do report in many countries to include the US at the moment, you are opening up your organization to a lot of prying eyes from Local, State, & Federal Law Enforcement.  Many firms are just paying, considering it a cheaper way to go, than letting in outsiders to review their systems.


There is another way, banks, airports , schools, need to develop contacts with other organizations to report and check with others to see if they are facing the problem.  I and I am sure other consultants are seeing a lot of this, and the relief the clients show, when they find they are not the only ones is amazing.


It is a brave new world, simple things like extortion via tweet attacks are happening all the time.  You get an email that says, we are going to start a tweet campaign against your firm, if you do not give us ten thousand dollars.  Sports figures, Movie Star's even business & Government executives are all targets, and most pay up, not wanting to cause an issue.

Rich

Monday, July 23, 2012

We need to take a two track approach to the Aurora shooting

We need to take a two track approach to the Aurora shooting, how to recognize suspect behavior, how to react when it starts. CTI promotes both, we all need to take a more active approach to our own safety & security.  Not necessarily gun carrying, although carrying a weapon can be an advantage. I think the key is more awareness of how to recognize & react.

Like good advance work is key to bodyguard work, so is good training of awareness key to our own and your safety.

People around the shooter in a day to day activity, need to be more aware of clues that tell us his situation or attitude toward life has changed.  Let me point to the first comments from the shooters mother, Yes, that is my Son, I am on my way to Co.  She knew this was a possible activity her son, could be involved with.  I am also suspect of the collage he attended, they apparently had thought it prudent to revoke his access card, before he was actually fully closed out at the collage.

We all need to be more aware of our own surroundings and always make plans as to how to get out of an area, as safely and efficiently as possible.  Like a good martial art practitioner, that trains so many moves are subconscious reactive to threat, so must our awareness be trained to subconscious start reacting to suspect behavior around us.

Like advance work this awareness ability has to be practiced and actively worked on to make it sink into our subconscious.

   : out of place movements by people should quickly register in our subconscious

   : subconscious, ability to look for multiple ways out of any facility or situation

   : subconscious, ability to look for shelter in place & defensive positions

   : Ability to run through all the options and decide to act with any weapon or ability to kill the offender,

I think we all need to understand Police are a response to incident force, that we are all in charge of our own safety and security, has to become a priority in the US.

Rich

Friday, July 6, 2012

Women Feel Less Safe Than Men in Many Developed Countries

Women Feel Less Safe Than Men in Many Developed Countries

I can go a few ways with this data, the one that is of most interest to me is that Women often can hear those little pin pricks of caution more that Men can.  So I can see this study, of a feeling, as a positive for women.

I do see a lot of people taking this in the response that a women must feel this way more because they are weaker, or less aggressive.  Once again, I take this as a positive as well.  When a man carries a weapon they tend, over the average, to do much dumber things with security like acting too aggressive, or feeling that with the weapon they can take on bigger folks.  When I think the real way to handle security is to not put yourself in the situation.

 Maybe it is my feminine side, or I am a coward, but I think walking into situations that are quite possibly dangerous, is a bad bet, and will try and not let it happen to often.  Unless it is my job that day, in which case that is what I am paid for.  Which as trainer of bodyguards, I still try and instill in them, that walking into danger is not your real job, keeping the client out of danger is the real job, which means yourself as well.

I just re tweeted a quote today, that went like this, If you are not happy with the place you are in right now, you have three options, remove yourself from the situation or place you are in, change the place you are in or yourself, and lastly accept it.   This is the one time when talking about fear or danger, I will say remove yourself from the situation first, to get a perspective and analyse the other two options.  Which could mean your are going to get a friend to go to that place with you, or call the  police, or what ever.  The last choice you should make in a possibly dangerous situation is to accept it.

Yet, this is what I see people do, using statements like it is just an unfounded fear, it could be but step back out of the situation to analyse it.  Sometimes they say, well that is just my racial bias showing, once again maybe, but get back away from the situation to analyse it, remember when Pastor Jackson said he often changes sides of the street when he sees a group of young black men heading toward him.  I do the same with a group of young white men walking toward me, if I do not know them.  It just makes good sense.

Listen to your fear, that does not mean you have to let it control you, but listen to it, it will often provide the protection you need.

I would be interested in other opinions on this?

Rich