Morning Security Brief: China Vows Terrorist Crackdown, Cyber Initiatives Funding, Electronic Spying, and More

By Ann Longmore-Etheridge

►After a March 1 attack on a train station left 33 people dead and many more injured in Kunming, capital of Yunnan province, China's president, Xi Jinping, has ordered a crackdown on violent terrorist activities. The knife-wielders are thought to be extremists from the Uighur minority group, which has been at odds with the Chinese government for years, claiming human rights violations and discrimination. However, no group has claimed responsibility for the stabbings, which were carried out by at least five individuals.

►The 2015 budget created by the Obama Administration includes more than $1 billion in funds for the U.S. Department of Homeland Security for cyber initiatives, including a new "voluntary program for critical infrastructure companies and money to bolster civilian network security," says FederalTimes. Other programs include network security deployments such as the EINSTEIN3 Accelerated program that would enable DHS to detect and prevent malicious traffic targeting civilian federal networks; the Continuous Diagnostics and Mitigation program, which provides civilian agencies with hardware, software, and services to detect and fix security vulnerabilities; and the "cyber and cyber-enabled investigations carried out by Immigration and Customs Enforcement, including cyber economic crime, identity theft, theft of export controlled data and child exploitation."

►Reuters reports that experts at the Annual RSA Conference held in San Diego, California, said that "electronic spying tools used by the U.S. government could end up in the hands of organized criminals and hackers, further eroding Internet security." The industry leaders who spoke there called for new restrictions and oversight of government activity. "Security researchers say that secret state tools tend to fall into the hands of mobsters and eventually lone hackers. That trend could worsen after former contractor Edward Snowden disclosed U.S. National Security Agency capabilities for breaking into Cisco Systems Inc routers, Dell Inc computer servers and all kinds of personal computers and smartphones, industry leaders and experts warned at the RSA conference and two smaller gatherings in San Francisco convened partly to discuss RSA's government deals," the news agency reported.

►One of the latest in the seemingly unending retail customer credit and debit card information thefts is the J. M. Smucker Company, which says that in February it became aware that "an unauthorized user utilized a sophisticated scheme" to steal customer information such as addresses, phone numbers, credit and debit card information, expiration dates, and verification codes as they were entered during the checkout process of the company's online store. Smuckers has notified its customers whose information the company believes has been stolen, offering them "services we are making available to protect your privacy and security." The company also seems to be saying this breach took place over an extended period of time, urging affected customers to "review their transaction from December 2012 through January 2014." A deeper exploration of the case and its ties to other similar crimes is available at KrebsonSecurity.

