• United States



by CSO Contributor

U.S. Still Vulnerable to Cyberattack; Banks Security Breaches Come from Outside; Eyes as IDs; Bush Keeps Low Profile on Gun Ban; Massive Security for Trial in South Africa

May 15, 20034 mins
CSO and CISOData and Information Security

U.S. Still Vulnerable to Cyberattack

The House Science Committee brought the heads of the National Science Foundation, the Pentagon’s Defense Advanced Research Projects Agency, the National Institute of Standards and Technology and the undersecretary for science and technology at the Department of Homeland Security to Capitol Hill yesterday to testify about their efforts. According to the Mercury News today, the testimony follows the departure of two key White House cybersecurity advisers earlier this year, upheaval which has led to concern that the Bush administration is not making cybersecurity a priority in combating terrorism. Members of Congress challenged the group by saying that instead of working at breakneck Internet time, the four key agencies charged with researching new technologies to combat cyberattacks are stuck in the glacial world of government time. While defending their efforts and saying progress was being made, the agency heads acknowledged there is much more work to be done. Rep. Sherwood Boehlert, R-N.Y, said, The nation quite simply has been underinvesting woefully in cybersecurity R&D, and as a result we lack both the experts and the expertise we ought to have in a world that relies so heavily on computers and networks for the necessities of everyday life. The Mercury News story highlights budget requests and allocations that reflect that claim.Banks Security Breaches Come from OutsideThe Register today, a new Deloitte & Touche survey of 35 percent of the world’s top 500 global financial institutions found that 39 percent of respondents reported a substantial security breach. Thats a lower rate than other surveys show, with nearly 80 percent to 90 percent of Fortune 500 companies and government agencies having been breached, but financial institutions generally have higher security. Of note, however, was another figure that contradicts the common belief that most security breaches come from inside sources: Only 10 per cent of respondents reporting a breach said these attacks came from employees. The Register quotes Gerry Fitzpatrick, a partner in Deloitte & Touche’s enterprise risk service unit, saying, Overall, there are encouraging signs of progress in the industry worldwide, especially the increase of information security officers, as well as plans by a vast majority to incorporate new measures such as smart cards and wireless security. He noted that 60 per cent of banks have either a chief security officer or chief information security officer.

According to a story in

Eyes as IDsNew York Times explains the development and workings of iris scanning technology, including ways it can be tricked. The Times also explains some of the uses for this biometric, most commonly at airports, but also, for example, The Office of the United Nations High Commissioner for Refugees is taking iris scans as it processes Afghan refugees returning from Pakistan, to prevent people from going through registration multiple times to pick up extra aid parcels.

In exchange for an annual subscription fee and background check, frequent travelers through Amsterdams Schiphol Airport are able to confirm their identities to the Dutch immigration service by letting one of seven infrared cameras scan their irises. An article in todays

Bush Keeps Low Profile on Gun BanCNN story last night, the White House yesterday restated President Bush’s support for renewing a ban on Uzis and other semiautomatic weapons, but the president is keeping a low profile on the issue. House Majority Leader Tom DeLay, R-Texas, has said there are no plans to bring to a vote legislation that would extend the ban, which expires in September 2004, claiming there are not enough. Although Bush supports the ban, he has not mentioned it in public and has not issued written statements in his name. That level of support stands in marked contrast to his campaign promoting his tax-cut plan and his frequent statements supporting judicial nominees whose nominations are stalled in the Senate, notes CNN.

According to a

Massive Security for Trial in South, the national police commissioner said security would be handled in the same manner as that for big events hosted by South Africa like the World Summit on Sustainable Development last year and the World Conference Against Racism in 2001. The operation would involve members of the police’s public order policing, crime prevention, and intervention units, the special task force, the metro police, and security officials from the justice department. The security arrangements would remain in place for the duration of the trialwhich some have predicted could last several years.

In South Africa, the largest post-apartheid security operation for a court case is to get underway in Pretoria next week when 23 alleged members of the rightwing Boeremag organization go on trial for high treason. According to a SAPA story posted on the news portal