Morning Security Brief: Grant Program Abuse, Android Malware, Metrics for Resiliency, and More
By Ann Longmore-Etheridge
The Urban Areas Security Initiative grant program may have been abused. Android devices are more often malware victims than PCs. An auditor says some Hurricane Katrina reconstruction money should be returned to FEMA. An ANSI Homeland Security Standards Panel has released a report on resiliency metrics.
►The Los Angeles Times is reporting that a U.S. federal government grant program to help local jurisdictions prepare against terrorist attacks has been abused and misused. “Since 2003, a Department of Homeland Security grant program called the Urban Areas Security Initiative has ballooned from 12 major metropolitan areas to 31 jurisdictions. The study found that some cities and towns had created implausible attack scenarios to win federal grants, and had scrambled at the end of each fiscal year to buy extra, unnecessary gadgets to spend excess cash,” says the Times. The questionable usage of funds was analyzed in a yearlong study, sponsored by Sen. Tom Coburn (R-Oklahoma).
►Android devices, rather than PCs, are more frequently attacked by malware according to the 2013 Security Threat Report from Sophos. PC World writes that “almost 10 percent of Android devices in the U.S. have experienced a malware attack over a three-month period in 2012, compared to about 6 percent of PCs. The situation is worse in Australia, where more than 10 percent of Android devices have been attacked by malware, compared with about 8 percent for PCs.”
►The Republic reports that the U.S. Department of Homeland Security’s inspector general has concluded that the University of Southern Mississippi should return $5.3 million of Hurricane Katrina reconstruction funding to FEMA. The auditor claims this money was for projects that were ultimately paid for by insurance, by duplicate grants from other federal agencies, and other issues.
►The American National Standards Institute's Homeland Security Standards Panel has released a workshop report examining potential approaches for a standards-based national program establishing common metrics for resiliency. Resiliency refers to the ability of a given system or structure to mitigate the severity and likelihood of losses or failure. The full report is available here .