• United States



by CSO Contributor

** UPDATE: Largest Terror Drill in U.S. Begins ** Some Colleges Falling Short in Security of Computers; Net Aids Access to Sensitive ID Data; Trojan Phishing Suspect Hauled In

Apr 04, 20053 mins
CSO and CISOData and Information Security

Largest Terror Drill in U.S. Begins

A $16 million, weeklong anti-terror drill began today in New Jersey in what is thought to be the largest such event in the histroy of the United States. The Associated Press reports that during the first stage of the drill this morning officers surrounded two sport utility vehicles and a sports car in a parking lot of a satellite campus of Kean University in New Jersey. The fake car accident and a potential mock biological attack in New Jersey preceded a mock biological attack in New London, Conn. All activities were being monitored by Homeland Security officials in Washington, New Jersey and Conncecticut. All told, more than 10,000 people will participate, including in exercises that will involve officials in Canada and England as well as the United States.

For more details, read the full Associated Press article on

Some Colleges Falling Short in Security of Computers

U.S. colleges and universities are rich with data sought by hackers, namely the personal information of hundreds of thousands of individuals. The New York Times reports Monday that some schools aren’t doing enough to protect that data. The Office of Privacy Protection in California reports that 28 percent of all security breaches since 2003 have taken place at a state college or university. Experts point to a few reasons for this: 1.) college computer networks tend to be decentralized, so there’s no singular security standard for them; 2.) some of the infrastructure dates back decades and 3.) many schools, until recently, have used Social Security Numbers as the primary identifier for faculty, staff and students.

For more details, read the full article in the The New York Times. (Registration required.)

Net Aids Access to Sensitive ID Data

If you’re looking for someone else’s Social Security Number, there are plenty of places on the Web that claim they can help. According to a story in the Washington Post, a simple Web search will yield dozens of websites that claim to offer all kinds of personal data. Fraudsters use Social Security Numbers to access bank and/or credit-card accounts, establish credit to make purchases or locate an individual. The Post used an intermediary to try to obtain the Social Security Number of a reporter. The intermediary contacted three online brokers, and within 24 hours two of them turned over the number. The intermediary did not have to provide documentation proving that he was making the inquiry for legitimate purposes.

For more details, read the full report in the Washington Post. (Registration required.)

Trojan Phishing Suspect Hauled In

Authorities last week arrested an Estonian man suspected of stealing millions of dollars from hundreds of online bank accounts across Europe. According to a report in The Register, the unnamed 24-year-old used a sophisticated Trojan horse program to monitor keystrokes of victims and learn their passwords. If found guilty, the suspect could be sent to prison for up to five years.

For more details, read the full article in The Register.