STE WILLIAMS

Lockheed Martin has won a contract worth up to $454m to help the Pentagon with its Cyber Crime Center.

The company will provide support to the Department of Defense’s centre, known as DC3, which investigates criminal, counterintelligence and counterterrorism cases and will also offer security support to Defense Industrial Base partners.

“Our industry team provides solutions to address a cyber threat environment that is highly dynamic and growing in volume and complexity,” said Dr Rohan Amin, DC3 programme director for Lockheed Martin, in a canned statement.

“We recognise the uniqueness of the mission and look forward to working with DC3 to address these future challenges.”

General Dynamics, which previously ran the centre, lost out on the contract to Lockheed in January, but filed a protest against the decision with the Government Accountability Office.

The company subsequently dropped its complaint after nabbing a subcontract off Lockheed, a source familiar with the matter told Reuters.

Lockheed will deliver digital and multimedia forensics examination, analysis, research, development, test and evaluation, information technology and cyber analytical services to the DC3. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/04/lockheed_wins_cybercrime_centre_contract/

Strains of bird flu that could spread among humans have been created in the lab – and now full details on just how this was done have been published openly, raising fears that the research could be used by terrorists to craft a deadly bio-weapon plague.

Bird flu, or H5N1, has killed more than half of the 600 people it is known to have infected, but it cannot spread easily between people. So Yoshihiro Kawaoka of the University of Wisconsin-Madison set out to find whether H5N1 could evolve in the wild into a form that was transmissible between humans.

Kawaoka’s FBI-approved team first created thousands of mutant versions of H5N1. From these they identified a version that could stick to cells in the human nose and throat and then combined this with the strain from the wild that caused the 2009 pandemic. With this hybrid virus, the scientists infected ferrets and watched for when the virus evolved a strain that could spread through the air and infect healthy ferrets in neighbouring cages.

According to Kawaoka, the study shows that relatively few mutations are required for the virus to acquire the ability to transmit between mammals, including humans. The strain created during Kawaoka’s research is less severe than the one that caused the 2009 pandemic, it is susceptible to Tamiflu and it did not kill any of the ferrets in the experiments.

But there may be further strains not studied that have the ability to evolve transmissibility. In fact, the researchers have already spotted strains with one of the mutations they identified in Egypt. As Laurence Fishburne’s character in Contagion says: “Someone doesn’t need to weaponise the bird flu. The birds are doing that.”

Kawoaka is less dramatic, claiming that the results can help authorities to prevent or prepare for an outbreak.

“This study has significant public health benefits and contributes to our understanding of this important pathogen,” he said. “By identifying mutations that facilitate transmission among mammals, those whose job it is to monitor viruses circulating in nature can look for these mutations so measures can be taken to effectively protect human health.”

It is an argument made repeatedly over the past few months by Kawoaka and his colleague Ron Fouchier, a researcher at the Erasmus Medical Center in Rotterdam and author of another blocked bird flu paper. Although Kawaoka’s research is now published, Fouchier’s remains under wraps, even though Science magazine has said it will publish the work. The concerns over the researchers’ studies came from the US National Science Advisory Board for Biosecurity (NSABB).

The body’s decision to block the research kickstarted months of tense discussion between virologists, security experts and journal editors. Last month, the NSABB reversed its controversial decision after Kawaoka and Fouchier amended their papers. “The revised papers had more clarity on risks and benefits,” said the NSABB’s Paul Keim, who added that the board comprises scientists, not “generals and colonels and majors”.

Fouchier admitted at an emergency conference convened in April to discuss the controversy, that most of the extra 1000 words he added to his paper dealt with the level of biosecurity in place during the research.

The Dutch virologist explained that due to the biosecurity conditions in place, if an accident were to happen, “the public won’t be exposed, but the individuals in the laboratory will be”. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/h4n1_flu_study_published/

The official QA from the Ministry on the new passports says China will use the same smart-card based chip technology adopted elsewhere and that only Chinese authorities will be able to read much of the data they store. That will include a signature, photograph and fingerprint. Applicants for the new passports must submit the latter, unless they are under 16 years of age and their parents disapprove of the procedure. China will therefore create a database of the biometric identifiers of passport holders. The new passports will also use “colorless fluorescent printing, shaped rainbow printing, multi-level, multi-color wiring, gravure luster ink, laser perforation and high-resolution holographic protection film, the announcement says (in translation, via. Google).”

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/04/china_chips_its_passports/

Six weeks after Microsoft was accused of leaking attack code for a security flaw, Redmond has pointed the finger at a Chinese firewall company and revoked its partner status.

Via its Computer Security Response blog, Microsoft’s Director of Trustworthy Computing, Yunsun Wee, has tersely announced the decision, writing “we determined that a member of the MAPP (Microsoft Active Protections Program) program, Hangzhou DPTech … had breached our non-disclosure agreement.”

Wee also said Microsoft will strengthen the protections under the program.

In mid-March, Microsoft had warned that the critical RDP bugs were likely to be exploited, and within 72 hours of the warning, proof-of-concept code had appeared in China. Sophos warned at the time that it had seen attempts to exploit the flaw.

After the leak, Italian security researcher Luigi Auriemma who reported the vulnerability to Microsoft had accused Redmond of leaking the exploit code.

In other news, Microsoft has released its pre-brief for next week’s Patch Tuesday. Users should expect updates covering Windows, .NET, Silverlight, and Office, protecting against remote code execution and privilege escalation bugs. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/ms_kicks_dptech_off_mapp/

Cabinet Office minister Francis Maude has warned that the London Olympics will not be immune to cyber attack.

The man who urged all Blighty to start stocking up on petrol by pouring it into jerry cans said that a crack team has been set up dedicated to guarding the Games against attack.

“The Beijing Olympics saw 12 million cyber security incidents during their Olympics,” he said.

“We have rightly been preparing for some time – a dedicated unit will help guard the London Olympics against cyber attack – we are determined to have a safe and secure Games.”

Speaking during a visit to Estonia, Maude said the UK was well aware of the dangers from “the dark side of the internet”.

“UK Government networks continue to be regularly targeted by foreign intelligence agencies, or groups working on their behalf – and we know that the threat is accelerating,” he said.

“High-end cyber security solutions that were used 18 months ago by a limited number of organisations to protect their networks may already be out in the open marketplace – giving cyber criminals the knowledge to get round these protective measures.

“Our responses have to be fast and flexible. What works one day is unlikely to work a matter of months or even weeks later,” he added.

The minister, who is also responsible for the Office for Cyber Security, said the country had already made moves to protect its infrastructure with the launch of the National Cyber Security Programme and the decision to rate cyber intrusions as a tier one threat to national security.

Maude added that £650m had been allocated over four years to fund responses to cyber attacks and announced that £400,000 was being committed this year to the Get Safe Online campaign which gives out advice on internet safety.

“A recent survey showed that one in seven large organisations have been hacked in the last year, with large organisations facing one outsider attack per week; small businesses face one a month,” he said.

“Intellectual property theft through cyber crime is a major concern. Countries and organisations across the globe are losing billions of pounds each year to cyber criminals.”

Maude said there had to be partnership between the public and private sectors to protect against online crime.

“There needs to be more alerting and greater awareness of attacks – with private organisations working in partnership with each other, government and law enforcement agencies, sharing information and resources so we can build up a better picture of the threats we’re facing and collectively fight a common challenge,” he said.

However, he insisted that the government was going to resist the temptation to over-regulate the internet and try to take control of it.

“The internet after all has flourished precisely because it has been shaped by its users, not by governments,” he said.

Maude was speaking to the International Centre for Defence Studies in Estonia, which is rated one of the most connected countries in the world and a pioneer in cyber security. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/francis_maude_olympics_cyber_attack/

Secure token biz Gemalto has landed the contract to print the next 80 million identity documents for the Driver and Vehicle Licensing Agency (DVLA), including next-gen driving licences to be deployed next year.

The new licences will feature laser-etched edges, making them even harder to copy, but they’ll also be compliant with EU standards regulations. The contract also includes digital tachograph cards (aka swindle sheets), and biometric residence permits, although we’re waiting for clarification on how the latter falls into the UK Driver and Vehicle Licensing Agency’s remit.

The pink licences were horribly easy to forge, unlike the edge-printed ones

Gemalto is better known, in these pages, as making the secure chips embedded in credit cards and SIMs, but in common with most players in that market it also prints difficult-to-forge documents even if (unlike some of the competition) it didn’t emerge from that business.

It was formed in 2006 from the merger of Gemplus and Axalto, both important players in the secure token business, and has been busy expanding its offerings up the value chain into secure transaction management, landing the contract to run servers for the US operator cartel ISIS.

Like that deal, this is an open-ended contract, simply being referred to as “multi-year”, but the DVLA contract is just about printing the millions of hard-to-forge documents at its Fareham site in Hampshire, which is being developed to integrate with the DVLA systems for personalisation. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/gemalto_dvla/

The UK’s Serious Organised Crime Agency’s website has been taken offline following a DDoS attack that started last night and is still going on.

SOCA decided to take the site down itself around 10pm last night to stop the distributed denial of service attack from bothering other connected websites.

“We took the site off temporarily to limit the impact of the DDoS on other clients who are hosted by the same service provider,” a spokesperson told The Reg.

The botnet army has succeeded in getting the site offline, but not a whole lot else.

“Frankly, DDoS are a temporary inconvenience to website visitors but they’re not a security risk to the organisation,” the spokesperson said.

“The information available on the SOCA site is only publically available information; it doesn’t provide access to intelligence or operational material,” the spokesperson added.

SOCA was recently involved in a multinational operation to take down 36 websites that were being used by criminals to sell reams of stolen credit card and bank account data. But the agency wouldn’t say if it knew anything about who was behind the DDoS attack.

“Nobody has claimed responsibility for it,” the spokesperson said. “The timing is interestingly close together so it could be a logical assumption, but we’re not aware of somebody specifically claiming it to be so.”

SOCA has already had to take down its website before because of a DDoS attack, when hacktivist group Lulzsec sent out its botnet army in June 2011. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/soca_site_downed/

North Bristol NHS trust has confirmed it has overspent on its IT budget by almost 100 per cent in recent months as a consequence of the rollout of its Cerner electronic patient record (EPR) system.

The trust has spent £4.5m implementing the Cerner system to date, the majority of which was spent during this January and February.

Over the 11 months to February, the organisation noted a £2.33m overspend on its IT budget of £5.36m, all of which was a result of the Cerner rollout, a spokeswoman for the trust said.

The budget overrun was due to the provision of extra “floor walkers” to help hospital staff with the new system and additional technical resources, according to the trust. The resources were needed to support the March relaunch of Cerner intended to fix the problems that the trust’s outpatient clinics had experienced with the system.

Additional costs for hardware also contributed to the budget overrun, the board said.

“The forecast spend on the project is £5.1m which represents a considerable overspend on the project as a result of the problems encountered,” the trust’s board papers added.

Ruth Brunt, chief executive at North Bristol, said: “We put in place extra staff to rectify issues with data migration of clinic lists and ensure that our new system could be fully operational as quickly as possible in all areas.”

The trust began implementation of the Cerner system on 8 December 2011, starting with emergency and intensive care wards, before moving to community hospital wards. The work was completed at the end of February when all clinics went live.

“The implementation went as planned in our emergency department, in our two minor injury units and 60 plus ward areas, but we experienced significant problems in outpatients, and some issues in theatres,” Brunt added.

In March 2012 the trust said the EPR roll out had led to a series of clinical incidents. In the first few weeks after its implementation, the trust cited Cerner as the causal factor in 16 clinical incidents, including problems such lack of patient notes and incorrect clinic lists.

Brunt said that problems with the Cerner rollout have been overcome and that the EPR system is currently working successfully.

By the time the trust’s new £430m hospital at Southmead is completed in April 2014, the trust intends that it will be only using electronic patient information.

“The trust is now working to consolidate and optimise the system across the organisation and working towards getting the benefits we envisaged when we embarked on this journey, and prepare for the move to the new hospital in 2014,” Brunt said.

An independent review into the issues surrounding the implementation of the EPR system has been commissioned by the trust.

This article was originally published at Guardian Government Computing.

Guardian Government Computing is a business division of Guardian Professional, and covers the latest news and analysis of public sector technology. For updates on public sector IT, join the Government Computing Network here.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/north_bristol_nhs_budget/

A retired special ops detective has been arrested by officers investigating allegations of illegal payments to police in relation to an ongoing inquiry into the phone-hacking scandal that has swamped Rupert Murdoch’s British newspaper business.

The Met confirmed this morning that they had cuffed a 57-year-old man at his home address in Surrey at 6.30am today on suspicion of misconduct in a public office.

The unnamed man had served in the MPS specialist operations command unit in central London.

Scotland Yard said:

Today’s arrest is the result of information provided to police by News Corporation’s Management Standards Committee. It relates to suspected payments to a former police officer and is not about seeking journalists to reveal confidential sources in relation to information that has been obtained legitimately.

The former cop is currently being grilled at a police station in southwest London while his home address is being searched, the Met added.

His arrest brings the total number of people cuffed and later bailed in relation to Operation Elveden to 27 so far.

Elveden, the official name of the police’s investigation into alleged illegal payments to police officers in exchange for information is being undertaken in tandem with two other police operations. The first – Operation Weeting – is a probe into phone-hacking claims at the now-defunct Sunday tabloid News of the Worldand the second – Operation Tuleta – is looking at alleged breaches of privacy including computer hacking.

Just yesterday, News Corp defended its boss Murdoch as being “fit” to run a multinational company, after MPs issued a damning report earlier this week in which they questioned the 81-year-old’s ability to run an international business in light of his “wilful blindness” over the phone-hacking saga. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/op_elveden_arrest_ex_cop/

Hampshire county council is to begin rolling out a bring your own device (BYOD) scheme later this year.

The council has already begun trialling a programme of allowing staff to use personal devices for business tasks with a view to a wider implementation across the organisation in the autumn.

The trial is investigating what additional layers of security are needed to support the BYOD rollout, according to Jos Creese, Hampshire county council’s CIO.

“There has to be a level of security that is appropriate to a mobile device. In my view that will be some sort of app, let’s say, on a mobile phone that will ensure the segmentation of data and the ability to wipe it if necessary, if that device gets lost, for example,” he told Guardian Government Computing.

BYOD will be used to facilitate remote working at the council, but will not be available to all staff by default.

“There is a cost inevitably, and that has to be offset against mobile and flexible working, so [being involved in the scheme] will be dependent on need,” Creese said.

Hampshire will join a number of local government organisations that have already begun experimenting with BYOD, including Leeds city council, Cambridgeshire county council and Norfolk county council.

“BYOD is relatively limited at the moment but it is something that we think will increase.

“Whether we expect everyone to use their own device in the future, the debate is still going on. We are certainly persuaded it is convenient for people to be able to use their iPhone, iPad, or BlackBerry, and we want to encourage that as an option,” Creese said.

This article was originally published at Guardian Government Computing.

Guardian Government Computing is a business division of Guardian Professional, and covers the latest news and analysis of public sector technology. For updates on public sector IT, join the Government Computing Network here.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2012/05/03/byod_hampshire/