Morning Security Brief: UPS Security Breach, Germany's Digital Agenda, Airport Scanner Security Concerns, and More

Lilly Chapa
UPS is the latest victim of a security breach that resulted in the compromise of customer information, including credit and debit card data. The company learned of the breach, which affected 51 UPS stores across the nation, after malware was discovered on in-store cash register systems. A spokesperson said that customers who had used debit or credit cards at the affected locations between January 20 and August 11 of this year may have had their information compromised. More information, including the affected locations, can be found on the UPS website. This breach is the latest in a number of cyberattacks targeting big businesses, and the FBI is warning businesses to take precautions. In an alert issued yesterday, the agency warned healthcare companies that they are being targeted by hackers. Cybercriminals are looking for healthcare information, personally identifiable information, and intellectual property such as medical device and equipment development data, according to the alert.
Germany has released a draft of legislation that would ramp up cybersecurity measures protecting critical infrastructure. The proposals are aimed at regulating IT security requirements for telecommunications, energy, traffic, transport, health, water, food supply, finance, and insurance industries. Measures would include strengthening Germany’s federal information security office, increasing the investigative powers of those involved in tracking down cybercriminals, and requiring companies to report attacks by hackers. The proposals are the latest in Germany’s ‘digital agenda’ for the next three years, which was approved yesterday and calls for enhanced innovation of IT services and using digital systems to benefit the economy.
Controversial full-body backscatter X-ray scanners used in airports across the U.S. from 2009 and 2013 may not be as effective as once thought, according to a team of researchers. “Frankly, we were shocked by what we found,” said J. Alex Halderman, a computer science professor at the University of Michigan. “A clever attacker can smuggle contraband past the machines using surprisingly low-tech techniques.” Researchers discovered that it was easy to smuggle firearms and plastic explosive stimulants through the scanner, as well as modifying the machine’s software so it displays an “all-clear” image all the time. The team was able to acquire a government-surplus machine on eBay. Although these scanners were removed from airports in 2013 due to privacy concerns, they are now being used in jails, courthouses, and other government facilities.
In other news, an American doctor who contracted Ebola in Liberia and was later transported to Atlanta for care has been released from the hospital after being treated with ZMapp, an experimental drug. And 14 airstrikes by the U.S. military were carried out yesterday in Iraq, even after the release of the horrific video of American journalist James Foley’s beheading. The airstrikes were aimed at helping Kurdish and Iraqi forces reclaim the Mosul Dam from Islamic State militants. President Obama vowed to continue attacks against the group despite its threats to kill another American journalist held captive. 


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.