US and UK blame Russia for ‘malicious’ cyber-offensive

The cyberwar between the west and Russia has escalated after the UK and the US issued a joint alert accusing Moscow of mounting a “malicious” internet offensive that appeared to be aimed at espionage, stealing intellectual property and laying the foundation for an attack on infrastructure.

Senior security officials in the US and UK held a rare joint conference call to directly blame the Kremlin for targeting government institutions, private sector organisations and infrastructure, and internet providers supporting these sectors.

Rob Joyce, the White House cybersecurity coordinator, set out a range of actions the US could take such as fresh sanctions and indictments as well as retaliating with its own cyber-offensive capabilities. “We are pushing back and we are pushing back hard,” he said.

Joyce stressed the offensive could not be linked to Friday’s raid on Syria. It was not retaliation for the US, UK and French attack as the US and UK had been investigating the cyber-offensive for months. Nor, he said, should the decision to make public the cyber-attack be seen as a response to events in Syria.

Joyce was joined in the call by representatives from the FBI, the US Department of Homeland Security and the UK’s National Cyber Security Centre (NCSC), which is part of the surveillance agency GCHQ.

The US and UK, in a joint statement, said the cyber-attack was aimed not just at the UK and US but globally. “Specifically, these cyber-exploits were directed at network infrastructure devices worldwide such as routers, switches, firewalls, network intrusion detection system,” it said.

“Russian state-sponsored actors are using compromised routers to conduct spoofing ‘man-in-the-middle’ attacks to support espionage, extract intellectual property, maintain persistent access to victim networks and potentially lay a foundation for future offensive operations.

Read More

TSA is testing explosive-detection technology with Amtrak

The Transportation Security Administration and Amtrak are testing new technology to detect concealed explosives, the TSA said Tuesday.

The equipment, known as “stand off explosive detection technology” can detect an explosive when an individual passes by the device, New York Sen. Chuck Schumer said in a news release. An alarm would go off on the equipment operator’s laptop, triggered by an individual’s “naturally occurring emissions from the human body.”

The tests will be conducted at New York’s Pennsylvania Station in the Amtrak terminal.

Protecting so-called soft targets like railway stations has been a challenge for security officials, who are tasked with ensuring safety but need to balance that with ensuring the smooth movement of hundreds of thousands of travelers.

The TSA’s administrator, David Pekoske, said in November that airport-like security, in which passengers have to line up for personal and carry-on bag screening, was not necessary at rail stations.

“We don’t intend to roll out anything like what we have in the airports,” Pekoske said, adding that random passenger checks and police with canines among other measures are sufficient. “We are satisfied at his point.”

However, in December, a man was injured by a pipe bomb he had attached to his torso with Velcro in a blast that went off at a 42nd Street subway station in Manhattan.

The technology aims to help officials detect concealed suicide vests or other improvised explosives, the TSA said, which is better known for its passenger screening at U.S. airports.

“The use of these devices enables a rail or transit agency to help safeguard against terrorist threats in the mass transit environment,” the TSA said. “TSA is supplying two models of the equipment for the purposes of the pilot.”

The TSA last year started testing the equipment in the Los Angeles transit system.

View Source

International Criminal Communication Service Dismantled

International organized crime and drug trafficking groups were dealt a blow by the takedown of an encrypted communication service they used to plan and commit their crimes, the FBI and its international partners announced yesterday.

Canada-based Phantom Secure was a criminal enterprise that provided secure communications to high-level drug traffickers and other criminal organization leaders. The group purchased smartphones, removed all of the typical functionality—calling, texting, Internet, and GPS—and installed an encrypted e-mail system, so the phones could only communicate with each other. If a customer was arrested, Phantom Secure destroyed the data on that phone, which is obstruction of justice under U.S. law. In an attempt to thwart law enforcement efforts, the company required new customers to have a reference from an existing user.

Given the limited functionality of the phones and the fact that they only operate within a closed network of criminals, all of Phantom Secure’s customers are believed to be involved in serious criminal activity. Most of Phantom Secure’s 10,000 to 20,000 users are the top-level leaders of nefarious transnational criminal organizations in the U.S. and several other countries, and the products were marketed as impervious to decryption or wiretapping.

“Working with our international partners in Australia and Canada, we learned that these phones have been used to coordinate drug trafficking, murders, assaults, money laundering, and all sorts of other crimes,” said Special Agent Nicholas Cheviron of the FBI’s San Diego Division, who investigated the case along with U.S. and international counterparts. “By shutting down Phantom Secure, criminals worldwide no longer have that platform to conduct their dangerous criminal activities.”

In collaboration with the Australian Federal Police, Royal Canadian Mounted Police, and law enforcement agencies in Panama, Hong Kong, and Thailand, Phantom Secure’s founder and chief executive Vincent Ramos was arrested in Bellingham, Washington, on March 7. Four of Ramos’ associates are fugitives. They are charged with conspiracy to distribute narcotics and Racketeer Influenced and Corrupt Organizations (RICO) Act violations.

Read More

Louisville Plans to Become First U.S. City to Use Drones

Louisville, Ky., is vying to become probably the first city in the country to use autonomous drones to respond to the sound of gunfire.

The city has applied for a special program the Federal Aviation Administration is running, where it will give a handful of cities temporary permission to get around long-standing drone rules in order to run pilot projects. Those rules, which operators typically have to get individual waivers to get around, include flying drones outside the operator’s line of sight, flying at night and flying above people.

All of those rules would make it pretty difficult for a city to do what Louisville wants to do. The city has ShotSpotter sensors spread throughout its urban fabric, listening for gunshots. When such a noise is picked up, and interpreted by ShotSpotter’s analysts to be gunfire and not a similar sound, a notification is sent to police who can respond to the scene.

Louisville wants to try out the concept of sending self-routing drones to fly to the scene first. That could bring about several possible benefits: Since they’re airborne, drones would likely be able to arrive on scene faster than a police officer. With an aerial view, they could capture video evidence to help authorities find the person who fired the weapon. And in the case of a false alarm — there have been reports of sensors interpreting fireworks and backfiring cars as gunshots — the drones might be able to keep an officer from responding to nothing.

It’s an idea that came out of need. According to Chris Seidt, Louisville’s director of information technology, Mayor Greg Fischer tasked the city’s Office of Performance Improvement and Innovation — which Seidt was in before moving to his current position — with finding outside-the-box solutions to some urgent problems.

Gun violence was a big one. According to LouieStat, the city’s statistics portal, Louisville saw shootings more than double from 228 in 2014 to 460 in 2016. They fell in 2017, but around that time the city was installing ShotSpotter. The new system gave officials an indication that there was still a lot of shooting to worry about.

“In its first six months of existence, we had 800 activations of the system,” Seidt said. “In the 400 square miles of Jefferson County, that’s a bit of a problem.”

Another bad statistic for the city: Its clearance rate, or the rate at which homicide cases end in an arrest, is about 50 percent. That’s below the national average.

“We thought, ‘What’s the likelihood of getting a better clearance rate if we get to the site of a gunshot incident quickly?’” Seidt said.

Read More

Two charged with attempted robbery

Two people face attempted armed robbery and drug distribution charges after police said they followed a man from the Horseshoe Casino in Baltimore to the Annapolis Police Department and attempted to hold him up at gunpoint with a BB gun.

Annapolis police said a man drove into the parking lot of the department on Taylor Avenue around 4:40 p.m. after he noticed he was being followed by another vehicle.

According to charging documents, the victim was at the Horseshoe Casino in Baltimore on line waiting to cash out chips when he was approached by Breiya Evans, 23 of Owings Mills.

After he declined an invitation for a drink, charging documents state that he noticed Evans and another man continued to follow him to the elevator and out of the casino.

 The man then got two security guards to escort him out of the building, police wrote, but he soon found himself being followed in his car by Evans and the man.
Charging documents state the man pulled “several evasive maneuvers” to try to elude the two, but to no avail. He drove from the casino to Annapolis with them following closely behind the whole way, police said.

When he pulled into the police department’s parking lot, police said the other vehicle pulled up behind him and Evans pointed what looked like a handgun at him.

Fearing he was being robbed, he ran into the police department and attracted the attention of an officer, police said.

When confronted, police said the woman was wielding a BB gun designed to look like a real handgun. Police added when they searched her car they found “13 individual baggies of marijuana.”

Evans and the passenger, Patrick Palmer, 25, of Baltimore, were arrested and charged with armed robbery, felony assault and drug distribution charges along with eight other misdemeanor offenses.

View Source

U.S. bars drones over nuclear sites for security reasons

WASHINGTON (Reuters) - The Federal Aviation Administration said Monday it will bar drone flights over seven major U.S. nuclear sites, including Los Alamos National Laboratory in New Mexico.

The move is the latest in a series of growing restrictions on unmanned aerial vehicles over U.S. sites that have national security implications.

The new restrictions begin Dec. 29 and include the Hanford Site in Washington State, Idaho National Laboratory, Savannah River National Laboratory in South Carolina, Pantex Site in Texas and the Y-12 National Security Site and Oak Ridge National Laboratory in Tennessee.

The FAA said it is considering additional requests from other federal security agencies to bar drones.

Earlier this year, the FAA banned drone flights over 133 U.S. military facilities. The Pentagon said in August that U.S. military bases could shoot down drones that endanger aviation safety or pose other threats.

The FAA also banned drone flights over 10 U.S. landmarks in September, including the Statue of Liberty in New York and Mount Rushmore National Memorial in South Dakota, at the request of national security and law enforcement agencies.

It separately barred drone flights over the USS Constitution in Boston, the Gateway Arch in St. Louis and Independence National Historical Park in Philadelphia. The list also includes Glen Canyon Dam in Arizona, Hoover Dam in Nevada and Grand Coulee Dam in Washington state.

Last week, the National Transportation Safety Board said a September collision between a small civilian drone and a U.S. Army helicopter was caused by the drone operator’s failure to see the helicopter because he was intentionally flying the drone out of visual range.

The incident between a U.S. Army UH-60M Black Hawk helicopter and a DJI Phantom 4 drone near Staten Island, New York occurred as concerns mount over the rising number of unmanned aircraft in U.S. airspace.

Read More

Robot Security guard freaks out homeless people

The San Francisco SPCA, a non-profit whose mission is “to save and protect animals … and enhance the human-animal bond,” is reportedly doing just the opposite with its latest robot security guard.

It is terrifying homeless people that hang out near the SPCA building in the Mission section of the city, which was part of its objective, but it is freaking out residents as well.

According to San Francisco Business Times, the robot ─ dubbed K9 ─ was put into place to try and deal with the number of needles, car break-ins and other crimes that have reportedly come from a nearby encampment of homeless people.

“We weren’t able to use the sidewalks at all when there’s needles and tents and bikes, so from a walking standpoint I find the robot much easier to navigate than an encampment,” Jennifer Scarlett, the SPCA’s president, said in an interview with the San Francisco Business Times. 

After the SPCA implemented the robot, Scarlett said homeless encampments disappeared and fewer cars were broken into. She added that it was not clear whether the robot was the cause of the decrease in crime, but that there was a correlation.

Upon seeing the robot, some of the people in the encampment expressed their annoyance, putting barbecue sauce on its sensors, knocking it over and putting a tarp on it, Scarlett said. 

The people in the homeless encampment were not the only ones who were freaked out by the robot.

San Francisco resident Fran Taylor, who lives near the SPCA location, said the robot approached her and her dog while she was out for a walk. The dog began barking and attempted to go near it, while she yelled at it to stop. The robot eventually stopped 10 feet away from her.

Taylor wound up writing a letter to the SPCA, expressing her displeasure after her run-in with the robot. The SPCA responded saying it had security concerns and that the robot was part of its solution.

Last week, the city of San Francisco ordered the SPCA to keep its robot off the sidewalks or it would face a $1,000-a-day penalty for operating it in the public right-of-way without a permit.

Read More

Virginia Credit Union using new eye print security option

Virginia Credit Union is offering another layer of security for its mobile banking users.

EyeVerify is a biometric authentication based on a person’s eye print. The feature uses a phone camera and eye print to confirm the user’s identity when opening the credit union’s mobile banking app.

EyeVerify is an option for members who do not want to manually enter a password or for those do not have a phone that accepts fingerprint identification. Unlike other biometric technologies, it doesn’t depend on a particular model of smartphone.

 
“Since not all phones are enabled for fingerprint authentication but most offer a camera, we wanted to provide an additional layer of security for their mobile banking information,” said Frank Macrina, senior vice president of products and channels for Virginia Credit Union.

The optional technology can provide users with a fast and secure way to use the mobile banking app, Macrina said. Also, if a phone is lost, EyeVerify locks down access to the member’s accounts.

It can be used as well for people who have joint accounts, with eye prints recorded for both users and verified upon opening the app.

The eye biometric offers a stronger option than a thumbprint, Macrina said. However, it is a new technology, and the thumbprint is still the most popular method of biometric security.

The credit union began offering the technology in the spring ahead of many of its banking competitors.

Read More

Drone pilot arrested after multiple NFL stadium incidents

A California man was arrested Sunday for flying a drone over two NFL stadiums and attempting to drop anti-media pamphlets into the crowd.

Tracy Mapes, a 55-year-old Sacramento resident, was cited and released by Santa Clara police for flying the drone in violation of a local municipal code, department spokesperson Dan Moreno told USA TODAY Sports on Monday.

The drone appeared at Levi’s Stadium during the second quarter of the San Francisco 49ers’ 24-13 loss to the Seattle Seahawks and was later seen over Oakland Coliseum, where the Oakland Raiders were playing the Denver Broncos.

Moreno said the message on the leaflets was “anti-local news media, and TV news stations specifically.” The charge was a misdemeanor, he said.

There is also an ongoing federal investigation and Mapes may face additional charges, according to Moreno, because the Federal Aviation Administration prohibits the flying of drones within five miles of an airport. Both Levi’s Stadium and Oakland Coliseum are within that range.

The San Francisco Chronicle added that the drone was a relatively ineffective messenger because “most of the drone-dropped leaflets were carried away by the win.

View Source

30 tickets issued daily through RPS bus camera system

RICHMOND, Va. (WRIC) — 8News investigates to see how Richmond Public Schools bus camera system is keeping students safe.

RPS is the only district in Central Virginia that has installed a stop-arm camera system on their school buses. The second district in the state.

The camera system is designed to catch reckless drivers illegally passing school buses.

“We’re averaging 30 violations a day,” Interim Superintendent Tommy Kranz says, “So that indicates to me that yes, it is working.”

100 school buses are equipped with a total of 13 cameras, nine on the outside and four on the inside.

From the first day of Fall to October 24, 1,021 citations were issued to drivers who illegally pass a school bus when the stop-arm is out or red lights are flashing.

8News obtained video through Richmond Public Schools in which cameras caught drivers nearly hitting students when the school bus was stopped.

Michelle Kitts is a RPS parent and admits she even goes a different route in the mornings to avoid the bus stops.

“If they have kids they know how it feels to see somebody speed passed the buses when there are kids,” Kitts says, “even at the stop with no buses around so everyone should slow down and take it easy.”

Kevin Hunter, another RPS parent says he wasn’t surprised by the number of tickets that were issued in the first seven weeks this Fall. He says he believes drivers need to put down their cell phones and pay more attention to the road before a child is hurt.

“As a foster dad I don’t want to see any of my kids go you know shot across the street then you got some driver coming and don’t pay attention,” Hunter said.

In a press release sent to 8News this summer, Richmond Public Schools said they wanted to have all school buses equipped with the camera system by the start of the semester. However, the company that installs the camera paid to install cameras on the first 50 buses and have been working in phases to install the rest. This revenue is generated from the citations that are issued.

Read More