If the automated counting program is accurate, one of the main Internet sites for the al-Aqsa Martyr’s Brigade has registered more than 2 million hits. Sixty-two thousand people have visited a site of Palestinian Islamic Jihad. These are just two of the thousands of Internet sites dedicated to spreading jihadist sentiment. @ SM Online has links to some of the monitoring sites.
Water utilities were ordered by Congress to conduct vulnerability assessments after 9-11. The results of those assessments have awakened many utilities to the need for water-contamination warning systems, but a series of challenges lie ahead, including which technology to choose, which contaminants to monitor, where to place sensors, and how to analyze monitoring data. @ Contamination Warning Systems for Water: An Approach for Providing Actionable Information to Decision-Makers
A new FBI report on financial crime trends finds that in healthcare, more frauds involve medical professionals harming patients in furtherance of their schemes. For example, frauds now involve unnecessary surgeries, weakened cancer drugs, and bogus lab tests.
Shouting “fire” in a crowded theater is a no-no, but what’s worse is not having adequate fire protection in that same crowded theater. The U.S. Government Accountability Office (GAO) has found that Washington D.C.’s Kennedy Center does not appear to comply with some fire-safety requirements. Auditors found, for instance, that there was no program for managing the storage of scenery, props, and other combustible materials. GAO testimony on the topic is at SM Online.
Like banks, U.S. money-services businesses are required to implement anti-money-laundering measures, such as reporting suspicious activity and currency transactions. Money-services businesses range from hotels that exchange currency, to check-cashing storefronts, to Fortune 500 companies. The Financial Crimes Enforcement Network (FinCEN), along with various other federal agencies, recently issued two sets of guidance. The first reminds money-services businesses of their obligations under the Bank Secrecy Act and notifies them of the type of information they may be expected to produce to banks with which they have a relationship. The second sets forth minimum steps that banks should take when their customers are money-services businesses.
A wheelchair-bound person with juvenile rheumatoid arthritis was in a Los Angeles building when occupants were asked to evacuate because of a bomb threat. Other occupants scrambled down the stairs to safety, while the disabled youth waited for assistance. No one came, so the person struggled mightily to climb down three flights of stairs to evacuate. Fortunately, the threat was a hoax, but this type of situation is all too common for the disabled in disaster planning. The NCD report, Saving Lives: Including People with Disabilities in Emergency Planning, can be found on SM Online.
The Nebraska Supreme Court has ruled that an employee who was assaulted in a parking lot shared by her employer and other businesses can recover workers’ compensation benefits. (Zoucha v. Touch of Class Lounge, Supreme Court of Nebraska, No. S-03-971, 2005)
A bill (S. 500) introduced by Sen. Bill Nelson (D-FL) would regulate information brokers and would allow individuals to bring civil lawsuits against companies that fail to protect consumer data. A companion bill (H.R. 1080) has been introduced in the House by Rep. Edward Markey (D-MA). The House version has 13 cosponsors and has been referred to the House Energy Committee’s Subcommittee on Commerce, Trade, and Consumer Protection.
A bill (H.R. 1544) that would change the way that first-responder funds are allocated to state and local governments has been approved by the House Homeland Security Committee and must now be taken up by the full House of Representatives.
A bill (S. 378) introduced by Sen. Joseph Biden (D-DE) that would create several new seaport security crimes has been approved by the Senate Judiciary Committee and has been accepted for consideration in the Senate.
A measure (former S.B. 1214) recently signed into law by Arizona Governor Janet Napolitano makes it illegal for anyone to enter a commercial nuclear-generating station or its grounds without authorization.
A bill (S.B. 152) that would require school districts in Texas to implement bullying-prevention programs has been approved by the state’s Senate and has been taken up by the House of Representatives.
In a recent appellate decision, a court ruled that a hospital violated the Americans with Disabilities Act (ADA) when it terminated an employee who was on leave to receive treatment for alcohol abuse. The court found that hospital management referred to the employee as an alcoholic in company memos. Because the company considered the employee an alcoholic, he was protected under the ADA. (Moorer v. Baptist Memorial Health Care Center, U.S. Court of Appeals for the Sixth Circuit, No. 03-5855, 2005)
A Maine court has ruled that a victim of identity theft can force a cable ISP to release the name of an anonymous Internet poster. The anonymous person used the victim’s name to send e-mails designed to embarrass the victim. The court ruled that the state’s identity theft law trumped a 1984 statute prohibiting cable companies from releasing the names of subscribers. (Ronald Fitch v. John or Jane Doe #1, Maine Supreme Judicial Court, No. 2005 ME 39, 2005)
Web logs—blogs—are the current darlings of the online world. In these online journals, which cover every imaginable subject from law to technology to humor to hacking, bloggers link to articles they find interesting and post their opinion. However, the free-flowing nature of blogs encourages users to let down their guard, and that creates a risk for businesses. @ Dennis Kennedy’s blog frequently covers the legal issues relating to blogs and bloggers. Visit it on SM Online.
A “bot” is a small software program that is often used on Internet Relay Chat (IRC) channels to gather information or interact with human users. Some bots on IRC are used by hackers to control “botnets,” or a series of tens of thousands of compromised computers, according to Know Your Enemy: Tracking Botnets, a paper from The Honeynet Project & Research Alliance. @ The Honeynet Project’s paper is available through SM Online.
You might look at a pair of Lego MindStorm robots as high-tech toys for the kids. Hard-core technophiles might see those same robots, which come equipped with software brains and are fully mobile, as tools to help them learn about genomes by programming them to “mate” (that is, combine their software, including some chance of mutations, to create “robot progeny”). This kind of technique—or hack, as it’s commonly known—is one example of the type of high-tech content that can be found on hack a day, a blog dedicated to technotinkerers. @ Check out hack a day, this month’s A Site to See, through SM Online.
Defacements of Web sites hit a new peak in December 2004, according to statistics compiled by zone-h.org, which has a database of what it calls “Web server cybercrimes.” @ Get more details of the 2004 Web Server Intrusion Statistics via SM Online.
Each year, federal agencies receive “grades” on a computer security report card, issued by the House Government Reform Committee. It’s based largely on each agency’s compliance with the Federal Information Security Management Act (FISMA). Now, for the first time, the CISOs of those agencies have their chance to grade FISMA. In a survey from Telos Corporation, 60 percent of respondents found FISMA reporting helpful in understanding the state of their department’s IT security, and respondents gave the report card itself a “C” grade. @ The executive summary of Grading the Graders: Examining the True Impact of FISMA is at SM Online.
The Cyber Incident Detection Data Analysis Center (CIDDAC), a service to share real-time cyberthreat information, recently launched its National Operations Center at the University of Pennsylvania. CIDDAC will collect information about cyberthreats through intrusion-monitoring devices attached to corporate networks of companies that pay the $10,000 annual membership fee. The member companies will get alerts, reports, and “red phone” access to the operations center. @ There’s more about CIDDAC at SM Online.
If your organization has a wireless network, it must be regularly assessed to ensure that it remains secure from malicious outsiders. The tools, both free and commercial, that are available to perform these assessments are discussed in a paper available from The Center for Internet Security (CIS), a nonprofit group that publishes best-practices benchmarks for a range of common IT hardware and software. The paper, Assessing the Security of a Wireless Environment, is one of seven free publications on wireless security. @ Get this and other CIS papers via SM Online.