Our enemies are increasingly unconventional and so too must be our defenses against them.  I praise those strategists and researchers who look outside of the box for answers.  Well, technically in this instance they are looking inside the box …  see video below.  It looks like a regular sniffer, right?  Actually, the box houses a team of trained mice who trip the alarm when they encounter the scent of explosives.  For the sake of accuracy, more than one mouse must agree before it alarms.  Who knew that mice noses are even more sensitive than man’s best friend?  A mouse has 1,120 olfactory receptor genes versus

(more…)

Not all technology is equal in terms of its effective application to a given security challenge, and no one technology offers an ultimate solution to our terrorism woes.  Many travelers protest having to pass through the airport back scatter scanners.  I personally object for a variety of reasons but my main issue with the scanner isn’t an invasion of privacy but the approach of trying to scan everyone.  Randomly.

WeCu Technologies – an Israeli startup – has developed a biometric scanning system that looks for those individuals who react to stimuli that are associated with – for example – a potential terrorist threat.  The scan itself takes between 15 and 30 seconds and is basically non intrusive.  The system tracks heart rate, stress level, sweating, eye movement and other facial expressions in response to images or language displayed on a screen.  The idea is that a person will have an emotional or cognitive response when exposed to stimuli that are associated with a topic or deed with which that person is familiar.  So if they flashed a picture of my ex boyfriend, an alleged Mafia hit man wanted by the FBI, I would most likely have a very different cognitive and emotional response to seeing that image than would anyone else around me.  Likewise, a terrorist seeing a Jihadist favored phrase from the Koran.

(more…)

The Stuxnet worm was first identified back in January 2010. This weekend, Iran admitted that at this point, over 30,000 of its Window PCs have been infected, prompting renewed speculation about the worm’s purpose.

Stuxnet has been called the most sophisticated malware yet created. Unlike your typical worm or virus designed for financial gain, this one targets infrastructure – specifically, industrial control systems that manage and monitor machinery in power plants, factories, military installations and the like. Interesting characteristics of the worm’s design included its use of stolen, legitimate security certificates and taking advantage of four previously unknown vulnerabilities in Windows. Recently another element of Stuxnet has been identified. It seems able to reinfect a PC even after it has been scrubbed by [geek alert] injecting a malicious DLL into every Step 7 project (a standard software package used for configuring and programming SIMATIC programmable logic controllers) on a compromised PC.

(more…)

Facebook has been plagued with another viral scam – the false “dislike” button.  Of course the irony is that many Facebook users have been asking for such a button, to complement the existing, legitimate “like” button.  Apparently Facebook users want to be able criticize as well as show encouragement for user posts.  This demand was taken advantage of by scammers who offered up a malicious, faux dislike button installation that once it obtains access the user’s profile posts spam from the user’s account.

On top of this, the world is speeding up.  We are impatient and accept nothing less than instant.  According to a recent survey, it seems that college kids are finding email “too slow” and instead are opting for IM or SMS.  (SMS is winning the pack; it integrates with social networks and interacts over multiple platforms.

(more…)

I cannot live without my smart phone.  Take my car.  My cat (sorry Fluffy).  Just not the phone.  I use it for email both work and personal.  It houses not only all my contacts but all kinds of useful information in the form of notes and calendar appointments and to do lists.  I check my bank and credit balances on it.  I also depend heavily on its GPS tools to shepherd me through the world.

I am not alone.  This year, there are about 45 million smart phones in use, just in the U.S.  These numbers are growing fast.

Imagine my sinking feeling to read about the research team at Rutgers’s University who managed to: (more…)

Airport screening technology research seems to be moving away from looking only for malicious objects and towards looking also for malicious intent.

The U.S. Homeland Security Department has been funding a project called FAST: Future Attribute Screening Technology whose purpose is to use physiological cues (perspiration, eye movement, heart rate, body temperature, etc.) to detect people who intend on doing harm.  FAST builds on research that shows how one’s physical reactions reflect an emotional or mental state.  Simply put, twitching and sweaty = nervous. 

And nervous may mean you are up to no good.  Or, not.  An absence of factors would likewise be suspicious, according to project descriptions.

(more…)

A Russian hacker who says he is living in New Zealand, going by the name of Kirllos has claimed on various hacker forums that he has managed to steal the account information for 1.5 million Facebook users and he’s offering those accounts at very low pricing.

Kirllos is offering the user names and passwords of 1.5 million Facebook users for between $35 and $62.70 per 1000 accounts sold on an underground hacker forum. The New York Times reported that the login details of as many as 700,000 Facebook had already been sold.

Little is known about Kirllos, although his ICQ account says he is a 24-year-old who was born in Russia and speaks English, French and Russian.

(more…)

According to an article in the Jerusalem Post, the Israel Airport Authority (which declined comment) has implemented a policy of sending suspicious animals through X-ray machines to confirm that bombs have not been hidden inside their bodies by terrorists.  When you note that effective terrorist threat mitigation requires keeping ahead of terrorist methods, it doesn’t sound as silly.  There have been numerous instances of using animals (dogs, donkeys) and recently humans to conceal bombs (Abdullah Asieri carried a pound of explosive plus detonator in his rectum in a failed attempt to assassinate a Saudi Prince).

Intelligent screening always takes into account threat based on terrorist MOs, and if the passenger – and in this case their furry four legged traveling companion – are suspicious vis a vis a given MO.  I’m pretty sure that no screener at Ben Gurion would engage your pet in questioning about the nature of his trip (“Fido, did you keep your water bowl in view at all times?” Not because of the language barrier, but because like anything else, not every pet is threatening.  Likewise, not every pet is built for a bomb.  Too small to artfully conceal a bomb, the diminutive Chihuahua is probably safe from xray screening altogether.  On the other hand, if Richard Reid had been carrying a poodle, that poodle would be scrutinized, along with the rest of Reid’s possessions.

The U.S. Department of Homeland Security and its Technology Directorate division want to help create 40 prototypes, by the end of this year, of cell phones that can detect toxic chemicals in the air. Upon receiving an indication of a potentially toxic gas, the cell phone will alert the user and will send an anonymous notification to the local authorities.

The new application should also handle false positives by cross referencing indications from other cell phones. For example, suppose a poisonous gas was released at a train station. The service would look for correlated reports across a number of devices in a particular location. This capability will allow law enforcement and first responders to pinpoint the exact location of the incident.

Qualcomm, NASA, and Rhevision Technology are teaming up to work on the next step of the testing phase: proof of principle. Also, Homeland Security’s Science and Technology arm is actively engaging Qualcomm, LG, Apple, and Samsung — with research and development agreements to hopefully use your phone as the digital sniffer of the future.

The following is a comprehensive list of “do’s and don’ts,” a guideline for safe online behavior, written with the non technical user of the internet in mind.  We discuss tips for safe use of the internet be it emailing, shopping or using social networks, and how to avoid unwanted exposure for you, your family and friends.  We review the tracks you make online that are used by criminals and harassers to exploit, manipulate and even attack an online user.  We explain your digital identity – those footprints left behind whenever we use the internet, and how these traces can be used to gather intelligence on you.

Some of the suggestions are related to our behavior and online habits.  Other implementation suggestions are related to technology and could be passed on to your IT support person.  The bottom line is that in this day and age, we need to educate ourselves and act proactively to be cyber secure.

(more…)