Archive for November, 2017

WASHINGTON – The Transportation Security Administration (TSA) experienced one of the busiest Thanksgiving travel weeks in its 16-year history. Sunday was the busiest day of the holiday week with more than 2.6 million passengers and crew members passing through TSA screening. It was the fifth busiest day since the agency was established immediately following the 9/11 attacks.

Half of the busiest days on record in the past 16 years occurred in the past few months.

Even though the volume of individuals screened was remarkably high, nationwide 98.1 percent of all passengers waited less than 20 minutes in a checkpoint line and 99.2 percent of passengers who were in a TSA Pre✓® lane waited less than 10 minutes in a security checkpoint line.

“Enhanced security screening measures and the use of TSA canine teams were in place during the busy Thanksgiving travel period to ensure security of air travel,” said TSA Administrator David Pekoske. “I am very proud of our Transportation Security Officers for their work and attention to detail during a very hectic time, ensuring safe travel for all passengers,” he added.

From Friday, Nov. 17 through Sunday, Nov. 26, TSA screened 21,613,767 passengers and crew at airport checkpoints nationwide. More than 13.6 million checked bags were screened during the same time period. Typically, an average travel day would see TSA screen in the neighborhood of 2.1 million passengers and crew, but in the busiest days of the Thanksgiving travel week, TSA screened as many as a half million more passengers per day than usual.

Read More

A California man was arrested Sunday for flying a drone over two NFL stadiums and attempting to drop anti-media pamphlets into the crowd.

Tracy Mapes, a 55-year-old Sacramento resident, was cited and released by Santa Clara police for flying the drone in violation of a local municipal code, department spokesperson Dan Moreno told USA TODAY Sports on Monday.

The drone appeared at Levi’s Stadium during the second quarter of the San Francisco 49ers’ 24-13 loss to the Seattle Seahawks and was later seen over Oakland Coliseum, where the Oakland Raiders were playing the Denver Broncos.

Moreno said the message on the leaflets was “anti-local news media, and TV news stations specifically.” The charge was a misdemeanor, he said.

There is also an ongoing federal investigation and Mapes may face additional charges, according to Moreno, because the Federal Aviation Administration prohibits the flying of drones within five miles of an airport. Both Levi’s Stadium and Oakland Coliseum are within that range.

The San Francisco Chronicle added that the drone was a relatively ineffective messenger because “most of the drone-dropped leaflets were carried away by the win.

View Source

While Port Manatee’s record-setting cargo volumes have been stealing the headlines, Manatee County’s seaport has quietly been enhancing its around-the-clock security to facilitate the swift, efficient flow of increasing genuine commerce and avert movement of unauthorized people and goods.

During the past year, Port Manatee’s highly trained security staff has bolstered its role, assuming functions that previously had been the responsibility of terminal operators. By doing so, redundancies have been eliminated, allowing the highest levels of security to be provided at the lowest cost as growing amounts of diverse cargos cross port docks.

To ensure safety and protection at all times, nearly three-dozen security officers – representing the seaport’s largest department – work in collaboration with a full spectrum of local, state and federal enforcement agencies, from the Manatee County Sheriff’s Office to the Florida Department of Law Enforcement and Florida Fish & Wildlife Conservation Commission to U.S. Customs & Border Protection, the U.S. Department of Agriculture and the U.S. Coast Guard.

Manatee County residents should rest easy knowing that port security is on duty 24/7 every day of the year, including holidays and when natural disasters strike. For example, when Hurricane Irma struck in September, port security remained in place, ensuring that critical landside operations – such as the movement of fuel-carrying trucks – could proceed even as waterside activity was under federal suspension.

September also brought news that Port Manatee had been awarded a $946,950 U.S. Department of Homeland Security grant that will allow a doubling from two to four outbound lanes at the main gate, greatly expanding capabilities for meeting federal screening requirements for rapidly rising numbers of fuel trucks and other commercial vehicles leaving port property.

The grant also will help the port enhance its contingent of screening equipment, upgrade its main gate intercom system and update credential readers.

Credentialing remains a critical component of securing Port Manatee’s 1,100-plus-acre property, as the port continues to meet post-9/11 mandates for Transportation Worker Identification Credentials, or TWICs. Indeed, Port Manatee was one of the first U.S. ports to fully implement electronic verification requirements of the TWIC program, including biometric reading.

Read More

RICHMOND, Va. (WRIC) — 8News investigates to see how Richmond Public Schools bus camera system is keeping students safe.

RPS is the only district in Central Virginia that has installed a stop-arm camera system on their school buses. The second district in the state.

The camera system is designed to catch reckless drivers illegally passing school buses.

“We’re averaging 30 violations a day,” Interim Superintendent Tommy Kranz says, “So that indicates to me that yes, it is working.”

100 school buses are equipped with a total of 13 cameras, nine on the outside and four on the inside.

From the first day of Fall to October 24, 1,021 citations were issued to drivers who illegally pass a school bus when the stop-arm is out or red lights are flashing.

8News obtained video through Richmond Public Schools in which cameras caught drivers nearly hitting students when the school bus was stopped.

Michelle Kitts is a RPS parent and admits she even goes a different route in the mornings to avoid the bus stops.

“If they have kids they know how it feels to see somebody speed passed the buses when there are kids,” Kitts says, “even at the stop with no buses around so everyone should slow down and take it easy.”

Kevin Hunter, another RPS parent says he wasn’t surprised by the number of tickets that were issued in the first seven weeks this Fall. He says he believes drivers need to put down their cell phones and pay more attention to the road before a child is hurt.

“As a foster dad I don’t want to see any of my kids go you know shot across the street then you got some driver coming and don’t pay attention,” Hunter said.

In a press release sent to 8News this summer, Richmond Public Schools said they wanted to have all school buses equipped with the camera system by the start of the semester. However, the company that installs the camera paid to install cameras on the first 50 buses and have been working in phases to install the rest. This revenue is generated from the citations that are issued.

Read More

“ESG recently published a new research report titled, The Life and Times of Cybersecurity Professionals, with its research partner, the Information Systems Security Association (ISSA).

The research looks closely at the ramifications of the cybersecurity skills shortage — beyond the obvious conclusion that there are more cybersecurity jobs than people with the right skills and background to fill these jobs.

As part of this research project, ESG and ISSA wanted to understand whether the cybersecurity skills shortage is a contributing factor to the constant wave of security events experienced by large and small organizations.

To that end, 343 cybersecurity professionals (and mostly ISSA members) were asked if their organizations had experienced a security incident over the past two years (i.e. system compromise, malware incident, DDoS attack, targeted attack, data breach, etc.). More than half (53 percent) admitted that their organization had experienced at least one security incident since 2015. It is also noteworthy that 34 percent responded with “don’t know/prefer not to say,” so the percentage of organizations experiencing a security incident is likely much higher.

4 factors contributing to cybersecurity incidents

Those survey respondents confessing to a security incident were then asked to identify the factors that contributed to these events. The data reveals that:

-31 percent say a lack of training for non-technical employees. This indicates that employees are probably opening rogue attachments, clicking on malicious links, and falling for social engineering scams, leading to system compromises and data breaches. Clearly, firms are not dedicating the people or financial resources necessary to provide ample cybersecurity training and are suffering the consequences.

-22 percent say the cybersecurity team is not large enough for the size of their organization. Boom, direct hit. In an earlier blog post, I revealed some data about the implications of the cybersecurity skills shortage, including an increasing workload on staffers and a myopic focus on emergency response at the expense of planning and strategy. The data also exposes that the skills shortage leads directly to more security incidents, which lead to business disruption, negative publicity and data breaches.

-20 percent say business and executive management tend to treat cybersecurity as a low priority. The lack of suitable business oversight on cybersecurity was a consistent theme throughout the ESG/ISSA research. It remains true that business executives are overlooking their fiduciary (and moral) cybersecurity responsibilities. Based upon this data, we can anticipate some massive GDPR fines in the second half of 2018.

-18 percent say the existing cybersecurity team can’t keep up with the workload. Another direct hit — the workload is too big, and the staff is too small.

Breach detection, proactive threat hunting, and incident response tend to be people-intensive processes dependent upon advanced skills, so it’s logical to assume the cybersecurity skills shortage would have a profound impact here. The ESG/ISSA research proves there is a strong correlation here, so it’s safe to say that organizations with lots of open cybersecurity requisitions can expect a lot of malicious activity on the network.”

Read More

Chicago (WSL)–With a record 50 million people expected to travel over the week of Thanksgiving, the Transportation Security Administration unveiled new technology Thursday to get people through lines faster at Midway Airport.

TSA officials said travelers will make it through security about 50 percent faster than in the past.

The first thing travelers will notice? Larger bins. A laptop, toiletries, a pair of shoes and a jacket will all fit in one bin, instead of the usual two or three. Everything will get scanned at once, and after the bins go through and travelers retrieve their belongings, an automated system kicks the bins back to the front of the line.

Travelers will also notice a change if their bag is singled out for additional screening.

“If there’s an item that we want to take another look at in the bag, a possible threat item, the system automatically kicks that bag with a diverter arm off to the side. It goes onto a separate belt system and waits there for one of our officers to screen that bag,” said TSA’s Kevin McCarthy.

In the past, bags would stand in a queue, waiting for an officer to arrive and holding up passengers.

The new system is being launched on only two of Midway’s 17 security lanes, with the possibility for more in the future.

This new system already exists at O’Hare International Airport, where travelers may have noticed two of these automated lanes in the United Terminal and another three in the American Terminal. They were installed a year ago and TSA said they are making a difference when it comes to cutting down passenger wait time for security screenings.

TSA personnel will be on-hand during this transition to help travelers navigate the new equipment.

View Source

“School security officers in the city aren’t exactly giving students the shirt off their backs — just the cost of them.

James V. Meszoros, a security guard and president of NAGE Local R1-200, told the city school board Monday they are giving back $200 of a $424 uniform allowance to help the financially strapped school district.

The gesture will amount to $16,600 that Meszoros said he hopes the district will put toward the athletics program.

His announcement brought a round of applause in the room when the announcement was made.

“I know it goes back into the general fund but I was a coach at Bassick High School for 13 years,” Meszoros said.

Meszoros said he is hopeful Marlene Siegel, the district’s chief financial officer, can work the numbers so they can benefit athletics.

Last year, Meszoros said, the idea was raised by Police Lt. Paul Grech. After Meszoros became union president, he presented the idea to his members who liked it because it was something different.

Security guards make an average of just shy of $38,000 annually. The union contract calls for guards to get an allowance to cover four shirts and four pairs of pants every October. This year only, he said guards will get two and two.

Schools Superintendent Aresta Johnson said she was ecstatic to hear of NAGE’s give back when the union president told her of it.
“It truly exemplifies all of us pulling together and rowing in the same direction for the betterment of our students,” Johnson said. “I️ sincerely thank each member of NAGE.”

The district is working to close a multi-million dollar gap between what officials say they need to run the system of 21,000 and the near flat operating funding it got from the state and city in the current fiscal year.”

View Source

“The Transportation Safety Administration released surveillance video showing an agent moving a smoking bag containing an exploding lithium-ion battery away from passengers during a panic at Orlando International Airport Friday.

The TSA agent, a 20-year Army veteran, said he believed the bag to be an improvised explosive device. He placed it between a concrete column and a concrete planter to mitigate any harm that might come with a full explosion.

The TSA commended the agent, saying he ran the bag away even as panicked passengers “knocked over the queuing stanchions and dropped roller bags, creating loud banging sounds which were perceived as gunshots, further spreading panic throughout the airport.”

Numerous people at OIA reported there was a panic caused by those loud noises, initially thought to be gunshots.

“Our TSA Team’s performance was outstanding. I’m very proud of our team and how they responded to both the incident and the recovery process of rescreening passengers,” said Jerry Henderson, TSA Federal Security Director.
“Our people responded as they are trained to do, and to lead passengers to safety.”

The Orlando Police Department said on Twitter that no shots had been fired and it was “a loud sound that startled people.”

The department later said on Twitter that the noise was caused by a lithium-ion battery that exploded inside a camera.

The bag the camera was in started to smolder, but no one was injured, the OPD tweet said.

The incident was first reported just after 5 p.m., airport officials said in a statement.

“As a result of the incident, a ground stop was issued and a number of flights were held while passengers were allowed back into the building and security checkpoints reactivated,” the statement said.

The incident did not pose any danger to people at the airport, the department’s Twitter post said.

Regardless, photos given to Channel 9 showed a normally busy terminal that was completely empty.

Because everyone who evacuated the terminal had to go through security screening again, travelers were experiencing inordinately long lines.

“It’s crazy. Nobody knows anything,” traveler McKenzie Golden said.
She had just gone through the security checkpoint and was preparing to get onto a flight home to Michigan when the chaos hit.

“I heard people screaming and then everybody hit the ground and people were basically running over each other, trampling each other,” Golden said.
Numerous flights were delayed due to the incident.

Hours after the battery explosion, massive crowds were still working their way through security to get to their flights.”

View Source

“The Hanover police officers that work at The Hanover Mall may be referred to as Unit B, but that doesn’t mean they are doing anything but A-1 work.

The mall has been contracting with the town for the services of the police officers since the 1970s when Zayre Department Store first opened. The town then contracts with the police department with their collective bargaining agreements.

“At that point you had a small town that was suddenly dealing with a large shopping center,” said Hanover Mall General Manager Ed Callahan. “The town didn’t have the resources police-wise to handle that, so the town worked out a deal with the original owner, which was Campenelli-Tedeschi, for them to hire a police presence at the mall. Over the years, it was a combination of
Hanover Police and private public safety.”

There have been deals made every two-to-three years and the current one will begin on Jan. 1, 2018. According to the agreement signed in October, the town will receive a payment of $9,532 each month.

The contract will be automatically extended for an additional 12 months unless one side provides a written statement two months before the year is up wishing to not extend for an additional year.

According to former town manager Troy Clarkson, in addition to the monetary value, having this contract in place ensures that calls for service at the mall do not take away from other important responses, as the officer on duty can handle most issues on site without requiring a cruiser to be taken away from patrol in other areas.

This program, Clarkson said, has received national recognition and is yet another example of the strong and enduring partnership between the town and our partners at PREP.

There is a cruiser specifically for the position and the officers aren’t set out on calls other than extreme emergencies.

“We meet with Chief Walter Sweeney and Lt. Greg Nihan sometimes once a month or every other month and we sit down the program and review any incidences that have happened,” said Callahan. “We review what we want the officers to be doing in terms of community policing. We encourage the officers to be visible, interact with store managers and personnel and get to know people. With the cruiser they are able to do that same function with the peripheral around Dick’s Sporting Goods, Office Max, Trader Joe’s and Buffalo Wild Wings.”

When both the public safety officers and the Hanover police officers are fully staffed, typically one patrols the outside of the mall and the other on the inside of the mall. The goal is for them to work “in harmony” with two-way radios.”

View Source

“In the first Minnesota case to address a new and growing form of cybercrime, federal prosecutors have charged a former state resident with employing “hackers-for-hire” to sabotage the website of a local business.

The case reflects concern among law enforcement officials nationwide that hackers ranging from disgruntled ex-employees to enemy nation states are ramping up attacks on an ever-expanding array of personal digital devices connected to the web.

Prosecutors say John Kelsey Gammell, 46, paid hacking services to inflict a year’s worth of “distributed denial of service” (DDoS) attacks to bring down websites affiliated with Washburn Computer Group, a Monticello business where he used to work.

DDoS attacks overwhelm a network with data, blocking access for legitimate users and even knocking web services offline. Washburn, a point-of-sale system repair company, told prosecutors that Gammell’s attacks cost it about $15,000.

Authorities say Gammell didn’t stop there: He is accused of paying $19.99 to $199.99 in monthly payments to try to bring down web networks that included those of the Minnesota Judicial Branch, Hennepin County and several banks.

“As a society that is increasingly reliant on network-connected devices, these types of cyberattacks pose a serious threat to individuals, businesses, and even our nation’s critical infrastructure,” Acting U.S. Attorney Gregory Brooker in Minneapolis said, speaking generally about the new forms of crime.

The FBI’s Internet Crime Complaint Center reported more than $11 million in losses to victims of DDoS attacks last year.

“We have a growing trend where the sophistication of the dark web and the sophistication of certain professional hackers to provide resources is allowing individuals — and not just experienced individuals — to conduct hacks and conduct DDoS,” said FBI Supervisory special agent Michael Krause, who leads the FBI’s cyber squad in Minneapolis.

Devices such as digital video recorders and home appliances recently have been marshaled by cyber criminals to carry out massive operations like last year’s flooding of a prominent web infrastructure company that affected sites like Amazon and Netflix. In a separate attack, in June 2016, the Minnesota Judicial Branch’s website went down for 10 days, alarming local officials because so many government services have at least some nexus to the web.

“A lot of people think it’s just a nuisance,” said Chris Buse, Minnesota’s chief information security officer. “But it’s not. If you look at what government does — basic critical services — if those services don’t continue, people can literally die.”

Minnesota IT Services, which administers the state’s computer systems, said state networks field an average of more than 3 million attempted cyberattacks daily. Officials say the state still hasn’t experienced a major attack on par with a 2012 South Carolina breach that exposed personal data for 3.7 million residents and cost the state $20 million.

But with hackers able to take over hundreds of millions of unsecured devices worldwide to flood networks in a single DDoS attack, security professionals are trying to stay ahead of the threat.

“In our environment it’s pretty clear now that every organization needs some sophisticated and expensive tools to mitigate these DDoS attacks,” Buse said.

‘We will do much business’

The government’s case against Gammell underlines the difficulty of linking any suspect to the daily torrent of attacks often carried out by far-afield hackers who advertise their services online. Authorities might not have caught Gammell without tracing taunting e-mails he allegedly sent after attacks.

One of his preferred hacking-for-hire services was called vDOS, which was shuttered last year after the arrests of two alleged operators in Israel. The FBI obtained files from vDOS that included records of Gammell’s purchases, attacks and communications with vDOS administrators and customers.

One day in 2015, according to a criminal complaint, Gammell eagerly wrote the company boasting of his success in blowing past a “DDoS mitigation” program to kick an unnamed network offline for at least two days. “We will do much business,” Gammell allegedly wrote. “Thank you for your outstanding product.”

According to an FBI agent’s sworn affidavit, Gammell sought out seven sites offering DDoS-for-hire services and paid monthly fees to three to carry out web attacks from July 2015 to September 2016.

Charges are also expected out of Colorado and New Mexico for firearms offenses stemming from searches in the case.

Appearing in a Minneapolis courtroom last week, Gammell confirmed that he rejected a plea offer that would have resolved all charges and capped his possible prison sentence at a mandatory 15 to 17 years. A federal magistrate is reviewing motions filed by Gammell’s attorney, Rachel Paulose, to dismiss the case or suppress evidence.

On Monday, Paulose told U.S. Magistrate Judge David Schultz that evidence the FBI obtained from an unnamed researcher should be thrown out and suggested the data could itself have been retrieved by hacking.

Paulose, who did not respond to messages seeking comment for this story, also argued in pretrial motions that Gammell didn’t personally attack Washburn.

“The government has failed to charge a single one of those ‘cyber hit men’ services, named and evidently well known to the government,” Paulose wrote. “Instead the government’s neglect has allowed the professional cyber hit men for hire to skip off merrily into the night.”

Addressing Schultz last week, Paulose described the attacks on Washburn as “essentially a prank on a dormant site not doing business.”

“Even if Mr. Gammell thinks it’s a prank,” Assistant U.S. Attorney Timothy Rank replied, “it’s a criminal prank.”

View Source