Fisher Capital Management News: Hackers Broaden Their Attacks

http://fishercapitalmanagementnews.com/2011/05/fisher-capital-management-news-hackers-broaden-their-attacks/

By BEN WORTHEN, RUSSELL ADAMS, NATHAN HODGE and EVAN RAMSTAD

Hacking incidents at defense contractor Lockheed Martin Corp. and broadcaster PBS that surfaced over the past few days show how widespread corporate breaches have become and underline how any organization can become a victim.

Over the weekend, the website for the PBS show “NewsHour” was altered by hackers to include a fake article claiming that rapper Tupac Shakur, who was murdered 15 years ago, was alive in New Zealand. The hackers also posted login information that stations and other entities use to access PBS sites.

The incident followed a recent breach at Lockheed, which said Saturday evening that it had detected a “significant and tenacious attack” against its computer networks on May 21. The company said it stopped the attack before data could be stolen.

The attacks are the latest in a mushrooming of breaches world-wide. While hackers once generally had targeted companies that stored financial data or had classified government information, culprits today are expanding their sights to other corporate secrets or seeking information that can lead to valuable data down the line. Amateur hackers also are becoming increasingly brazen.

In recent months, hackers stole data from EMC Corp.’s RSA security unit, email marketer Epsilon Data Management LLC, two of South Korea’s largest banks and Sony Corp., where the breach temporarily hobbled its online PlayStation Network.

“Almost anyone is a target,” said Alex Stamos, chief technology officer at security firm iSEC Partners. Professional hackers now “have good tools and good technique and know how to string them together,” he said. Hackers also are getting better at identifying the soft spots in corporate defenses, he said.

So-called hactivists, who take revenge on companies for perceived slights, also have moved from simply knocking websites offline to stealing data. “There are enough people out there who aren’t worried about the consequences that they are willing to wage a sustained campaign against a global company,” Mr. Stamos said.

Corporate executives said they no longer can take a passive approach to cybersecurity. Ted Chung chief executive of Hyundai Card/Hyundai Capital Co., an auto finance provider in South Korea that was hacked in April, blamed himself for not paying enough attention to the importance of information-technology security.

“When it comes to big companies or big banks, no CEO is that stupid not to pay attention. But maybe they pay the same attention I did, which is giving encouragement and budget to IT but then saying ‘What do I know about programming?’ ” he said in an interview Monday. “That is the wrong support.”

The latest attacks demonstrate a diversity of motives. Those who attacked Hyundai Capital tried to extract ransom for a database they stole. With Epsilon, the hackers made off with email addresses that could be used to send “phishing” emails that trick recipients into disclosing personal information.

At RSA, the perpetrators stole data about security systems that the company sells to its clients. Alone, the data are worthless, security experts said, but they could be used to crack defenses used by other companies.

With PBS, a group identifying itself as LulzSec claimed credit for the fake article on Tupac Shakur, which the group said was retaliation for a documentary, “WikiSecrets,” about the publication of classified documents on the WikiLeaks website and the Army intelligence analyst who has been charged with leaking them. “By the way, #WikiSecrets s—,” a message to PBS said. While the attack was more akin to graffiti than burglary, it underscored the threats companies now face.

PBS on Monday said it had corrected the false information on its website and was “notifying stations and affected parties to advise them of the situation.”

The fake article first appeared late Sunday night on the PBS “NewsHour” news blog, “The Rundown.” The group then posted a string of Twitter messages in which it took credit for the breach, beginning with a post that read, “Oh s—, what happened to @PBS?” followed shortly after by the post, “What’s wrong with @PBS…? How come their database is seized? Why are passwords cracked?  .” The group then posted links to pages with the login information for the PBS sites.

Shortly after the story was published, PBS “NewsHour” posted several messages on Twitter stating that the article wasn’t produced by PBS and that the site had been hacked.

Separately, Lockheed said Saturday evening that the company’s information-security team detected its attack “almost immediately and took aggressive actions to protect all systems and data.”

“Our systems remain secure; no customer, program or employee personal data has been compromised,” the company said. Lockheed said it was conducting an investigation and that it “has continued to keep the appropriate U.S. government agencies informed of our actions.”

White House Press Secretary Jay Carney told reporters Sunday that President Barack Obama had been briefed on Lockheed attack and that the damage was understood as “fairly minimal.”

Still, that attack is likely to ripple throughout the defense industry. Lockheed supplies some of the most sophisticated weaponry to the U.S. military and is a major provider of information technology to the federal government. The company, based in Bethesda, Md., also is a top international supplier of military and security hardware, employing around 126,000 people world-wide.

Speculation around the Lockheed attack centered on whether hackers may have breached the system by exploiting a vulnerability in SecurID electronic keys made by RSA. In a memo to employees on Sunday, Lockheed Chief Information Officer Sondra Barbour said the company “took swift and deliberate actions” to step up security, including shutting down a virtual private network, resetting user passwords and upgrading SecurID tokens, among other measures.

In South Korea, prosecutors believe North Korea was behind an attack on a large farm cooperative, which couldn’t provide ATM, credit-card and online services for nearly a week after a system at its Seoul headquarters was accessed remotely. How law enforcement tracked the attack to North Korea wasn’t disclosed. But authorities said a link was made to the same Internet servers North Korea used in a 2010 denial-of-service attack against South Korean government websites. North Korea called the South’s accusation in the latest case “absurd” and “unreasonable.”

At Hyundai Capital, a pair of hackers in South Korea gained access to the company’s databases and downloaded personal information on 1.7 million customers. After the company contacted police, it agreed to pay part of what hackers sought. Police arrested the hackers after one was recorded by an ATM video camera as the hacker tried to withdraw some of the ransom. The company has since revamped its IT operation and begun an overhaul of its cybersecurity.

Fisher Capital Management Investment Strategies: London Anti-doping Chief Issues Drug Warning

http://strategies.fishercapitalmanagementstrategies.com/2011/06/27/fisher-capital-management-investment-strategies-london-anti-doping-chief-issues-drug-warning/

The Associated Press

Published: Thursday, Jun. 16, 2011 – 12:44 pm

ROME – The director of the anti-doping lab for the 2012 London Olympics has a warning for any athletes considering using banned substances.

“If you want to take drugs don’t come to London – because we’ll catch you if you take drugs,” professor David Cowan said at the end of a World Anti-Doping Association symposium on Thursday.

Cowan heads King’s College London’s Drug Control Center, the only WADA-accredited lab in Britain.

“The IOC is aiming to test more and more athletes,” Cowan said. “All I can tell you is that in Beijing there were 5,000 samples taken, so obviously that will increase, but even I do not know the exact number.”

About 10,000 athletes are expected at the London Games, and Cowan will be aided by nine other WADA lab directors from around the globe during the competition.

“The biggest challenge with the Olympics is dealing with the (limited time frame),” said Cowan, who also was the head of the forensic science department at King’s College.

“Give me two weeks and it makes things relatively easy, but you hit me with a lot of samples at the same time that’s where you need help from your colleagues, to make sure you make the right decision at the right time.”

Strategies-Fisher Capital Management Strategies: News Corporation Moves to Delay BSkyB Deal to Avoid Its Collapse

http://strategies.fishercapitalmanagementstrategies.com/2011/07/12/strategies-fisher-capital-management-strategies-news-corporation-moves-to-delay-bskyb-deal-to-avoid-its-collapse/

LONDON — Battered by allegations of phone hacking by the now-shuttered News of the World, Rupert Murdoch’s News Corporation on Monday effectively delayed government action on its proposed takeover of the satellite broadcast giant British Sky Broadcasting as the company scrambled to save the $12 billion deal from collapse.

Enlarge This Image

Chris Ratcliffe/Bloomberg News

Technicians at British Sky Broadcasting, which the News Corporation has planned to take over.

Related

• Murdoch Tabloids’ Targets Included Downing Street and the Crown (July 12, 2011)

• British Tabloid Sought Phone Data of Investigators (July 12, 2011)

• The Lede Blog: Celebrity Targets of Tabloid Cheer Its Demise (July 11, 2011)

• The Lede Blog: Murdoch Papers Reportedly Targeted Gordon Brown (July 11, 2011)

The News Corporation announced that it was prepared to submit its offer for the 61 percent of BSkyB it does not already own to the country’s Competition Commission, an independent group that considers mergers and acquisitions within the United Kingdom. The company had previously offered to spin off the Sky News channel to avoid referral to the commission, but now says it wants to keep Sky News and take its chances with the regulator.

“News Corporation is ready to engage with the Competition Commission on substance,” the company said in a statement, adding that it “continues to believe that, taking into account the only relevant legal test, its proposed acquisition will not lead to there being insufficient plurality in news provision in the U.K.”

The announcement gives the deal some breathing room, avoiding an emergency vote called by the opposition Labour Party for Wednesday, when politicians were likely to have dealt a fatal blow to the acquisition. In the longer term, the commission’s lengthy review process, which could take up to eight months, could give the News Corporation some distance from the political fallout of the hacking scandal.

But the move also raises the question of just how much the News Corporation might balance the prospects of the BSkyB acquisition, which would be the largest in the company’s history, with its newspaper business.

Mr. Murdoch built the News Corporation on newspapers — his first love and still where he devotes most of his time and energy — but the tabloid scandal has become a hindrance to his more lucrative digital and entertainment properties. With The News of the World already shut down, many observers wonder whether Mr. Murdoch would stomach selling or closing more papers.

David Bank, a media analyst at RBC Capital Markets in New York, said it was a decision that would win approval from investors.

“Investors would probably want nothing more,” he said. “It’s the worst business in the portfolio.”

But Claire Enders, a media analyst in London, said the News Corporation was still far from such a decisive move as jettisoning all of its British newspapers. “The newspapers are very dear to Mr. Murdoch’s heart,” she said. “You have also got to find a buyer for these things. They are barely profitable.”

The Murdoch family “is in a bunker,” according to one person who is close to the company but declined to be identified discussing confidential matters. But, this person added, the idea of the News Corporation getting out of the newspaper business was very unlikely.

Shares in the News Corporation fell 7 percent on Monday. Since the scandal exploded last week, shares in the company have declined 11.4 percent; shares of BSkyB have fallen more than 15 percent.

Thomas Eagan, an analyst for the London-based company Collins Stewart, said the pullback in the BSkyB stock price could actually help the News Corporation “to get it cheaper than it otherwise would have.”

Acquiring BSkyB would increase the News Corporation’s cash flow and improve its business mix, further reducing the significance of the company’s newspapers, which account for a smaller portion of its revenues than television or film.

BSkyB is firmly rooted across the British media marketplace. In the United States, it would be akin to rolling DirecTV, Turner Broadcasting and ESPN into one.

Like DirecTV, BSkyB beams channels to paying subscribers; it has 10 million in the United Kingdom, making it the biggest such service in the country. Like Turner, it operates news and entertainment channels, including Sky News. Like ESPN, it operates a suite of hugely popular sports channels.

“It is clearly embedded in the viewer’s media habits,” said Alex Degroote, a media analyst for Panmure Gordon & Co. in London.

As the bid now comes before the commission, the referral is sure to delay the News Corporation’s 13-month-old effort. A spokeswoman declined to comment beyond the company’s statement.

However, the contentious bid is also the subject of a separate inquiry by the government media regulator, Ofcom, about the News Corporation’s status as “fit and proper” to hold a broadcast license after what looked like a rubber-stamp decision was thrown into doubt by the revelation that The News of the World had hacked into the voice mail of Milly Dowler, a 13-year-old girl who was abducted and killed in 2002.

Since then, the scandal has mushroomed to include allegations that the paper hacked into the accounts of dead soldiers and that the News Corporation-owned Sunday Times used subterfuge to get personal information about former Prime Minister Gordon Brown.

Deputy Prime Minister Nick Clegg on Monday became the most senior official to publicly urge Mr. Murdoch to abandon the takeover, deepening the hacking scandal that has been transformed from a long-simmering controversy into a full-blown crisis swirling around Mr. Murdoch’s British operation, News International, and its chief executive, Rebekah Brooks.

Mr. Clegg urged Mr. Murdoch to “look how people feel about this — look how the country has reacted with revulsion to the revelations” about the phone-hacking scandal. ”Do the decent and sensible thing, and reconsider, think again about your bid for BSkyB.”

Ed Miliband, the Labour leader, had already called for the bid to be stopped. While Prime Minister David Cameron has not gone so far, on Monday he said that “if I was running the company right now I think they should be focused on cleaning that up rather than on the next corporate move.”

Graham Bowley reported from London, and Brian Stelter from New York. Ravi Somaiya, Julia Werdigier and John F. Burns contributed reporting from London.

Fisher Capital Management News Directory:JPMorgan Chase CEO issues warning on economy

http://fishercapitalmanagementnews.com/2011/05/fisher-capital-management-news-directoryjpmorgan-chase-ceo-issues-warning-on-economy/

If the United States fails to get its fiscal house in order it will trigger financial consequences that will “dwarf Lehman Brothers” and seriously diminish the nation’s role as a world economic leader, the CEO and chairman of JPMorgan Chase & Co., Jamie Dimon, told a Denver audience Thursday night.

Dimon, the man who the New York Times dubbed “the nation’s least hated Wall Street banker,” said political talk about not raising the U.S. debt ceiling could trigger a default on the nation’s financial obligations, which he said will constitute a “moral disaster” that the U.S. will have a nearly impossible time recovering from.

“Things are going to happen that are not going to be pretty,“ Dimon said in a wide-ranging question and answer session at the University of Colorado Denver School of Business’ Celebration of Success dinner.

Congress and the president have to come to grips with gross overspending by the federal government, he acknowledged. But he complained that even though half of the deficit problem is over issues the two major political parties agree on, partisan considerations are preventing progress on any of it.

“Congress needs to deal with the half of it, and leave the rest of it until later,” Dimon said.

U.S. tax rates on corporate profits make the country uncompetitive with other nations of the world, driving capital and jobs overseas, he said. Noting that JPMorgan Chase has paid $100 billion in taxes to the federal government over the last 10 years, Dimon said anti-banking attitudes that permeate political discussions are wrong.

“I’m tired of listening to that crap,” Dimon said.

Fisher Capital Management News: Qaddafi and Zuma Meet but Reach No Agreement

http://fishercapitalmanagementnews.com/2011/05/fisher-capital-management-news-qaddafi-and-zuma-meet-but-reach-no-agreement/

TRIPOLI, Libya — Talks between President Jacob Zuma of South Africa and Col. Muammar el-Qaddafiended Monday with no sign of the breakthrough Libyan officials had said they hoped for ahead of the visit. The outcome appeared to leave the Tripoli government and its rebel foes still mired in the stalemate that has settled over the conflict, and NATO with the prospect of an extended campaign of airstrikes in its bid to topple the Libyan leader.

At the end of a six-hour mission to the Libyan capital on behalf of the African Union, Mr. Zuma listed Colonel Qaddafi’s conditions for peace, which included an immediate cease-fire followed by talks with the rebels. But there was no sign that the Libyan ruler had made any concession on the issue at the center of the stalemate, his rejection of demands that he abandon power and seek exile outside Libya.

The demand for Colonel Qaddafi to quit has been set by rebel leaders in eastern Libya and backed by the NATO countries leading the 10-week-old campaign of airstrikes against the Qaddafi government, and was joined last week by Russia, long considered a Qaddafi ally. But the Libyan leader, despite a succession of heavy strikes on his command compound in Tripoli in the past month, has held fast to his vow to hang on to power.

The apparent failure of Monday’s talks, the first major diplomatic mission to Tripoli since a previous Zuma-led visit in early April, was underlined by the Qaddafi government’s silence in the hours after Mr. Zuma left.

The South African leader, however, spoke to reporters from the state-run broadcasting networks of South Africa and Libya before he boarded a South African military aircraft for the flight home.

He said Colonel Qaddafi had insisted that “all Libyans be given a chance to talk among themselves” about the country’s future, a formulation the government has repeatedly used to reject the possibility of Colonel Qaddafi’s going into exile.

Mr. Zuma said Colonel Qaddafi was ready to accept the so-called African road map for peace, a plan first advanced during the earlier Zuma trip here. The plan calls for an immediate cease-fire, including a halt to NATO bombing, international supervision of the truce, and negotiations between Tripoli and the rebels on a political settlement.

Colonel Qaddafi accepted that plan in April, but quickly ignored it and resumed his offensive against the rebels. The rebel leaders rejected it outright, as they did again on Monday.

“It is only some stuff that Qaddafi wants to announce to stay in power,” the rebel foreign minister, Fathi Baja, told reporters in the rebel stronghold of Benghazi.

The Zuma visit was widely trumpeted in advance by officials in Tripoli, who have come to see the African Union as a last bastion of diplomatic support. For decades, Colonel Qaddafi has sought to reach out across barriers of culture, faith and geography to promote solidarity between the continent’s Arab and African peoples, and to present himself, as posters around Tripoli proclaim him, as the “king of kings” among African leaders.

But Mr. Zuma’s departure appeared to leave the Tripoli government in an increasingly tenuous and isolated position. Beyond the NATO bombing and rebel advances in the east, Colonel Qaddafi has faced a growing erosion of his power base in Tripoli, with an acceleration of defections from his ruling elite.

The erosion gathered pace on Monday when eight senior Libyan Army officers, including five generals, appeared at a news conference in Rome to say that they have defected and to appeal to fellow officers to join the revolt against Colonel Qaddafi, according to The Associated Press.

One of the officers, Gen. Melud Massoud Halasa, said Colonel Qaddafi’s military forces were “only 20 percent as effective” as they were before the revolt broke out in mid-February.

A former Libyan foreign minister, Abdel Rahman Shalgam, told reporters that the defections brought to 120 the number of former top officials who had defected, among them at least five former cabinet ministers.

Fisher Capital Management News: Hackers Broaden Their Attacks

http://fishercapitalmanagementnews.com/2011/05/fisher-capital-management-news-hackers-broaden-their-attacks/

Hacking incidents at defense contractor Lockheed Martin Corp. and broadcaster PBS that surfaced over the past few days show how widespread corporate breaches have become and underline how any organization can become a victim.

Over the weekend, the website for the PBS show “NewsHour” was altered by hackers to include a fake article claiming that rapper Tupac Shakur, who was murdered 15 years ago, was alive in New Zealand. The hackers also posted login information that stations and other entities use to access PBS sites.

The incident followed a recent breach at Lockheed, which said Saturday evening that it had detected a “significant and tenacious attack” against its computer networks on May 21. The company said it stopped the attack before data could be stolen.

The attacks are the latest in a mushrooming of breaches world-wide. While hackers once generally had targeted companies that stored financial data or had classified government information, culprits today are expanding their sights to other corporate secrets or seeking information that can lead to valuable data down the line. Amateur hackers also are becoming increasingly brazen.

In recent months, hackers stole data from EMC Corp.’s RSA security unit, email marketer Epsilon Data Management LLC, two of South Korea’s largest banks and Sony Corp., where the breach temporarily hobbled its online PlayStation Network.

“Almost anyone is a target,” said Alex Stamos, chief technology officer at security firm iSEC Partners. Professional hackers now “have good tools and good technique and know how to string them together,” he said. Hackers also are getting better at identifying the soft spots in corporate defenses, he said.

So-called hactivists, who take revenge on companies for perceived slights, also have moved from simply knocking websites offline to stealing data. “There are enough people out there who aren’t worried about the consequences that they are willing to wage a sustained campaign against a global company,” Mr. Stamos said.

Corporate executives said they no longer can take a passive approach to cybersecurity. Ted Chung chief executive of Hyundai Card/Hyundai Capital Co., an auto finance provider in South Korea that was hacked in April, blamed himself for not paying enough attention to the importance of information-technology security.

“When it comes to big companies or big banks, no CEO is that stupid not to pay attention. But maybe they pay the same attention I did, which is giving encouragement and budget to IT but then saying ‘What do I know about programming?’ ” he said in an interview Monday. “That is the wrong support.”

The latest attacks demonstrate a diversity of motives. Those who attacked Hyundai Capital tried to extract ransom for a database they stole. With Epsilon, the hackers made off with email addresses that could be used to send “phishing” emails that trick recipients into disclosing personal information.

At RSA, the perpetrators stole data about security systems that the company sells to its clients. Alone, the data are worthless, security experts said, but they could be used to crack defenses used by other companies.

With PBS, a group identifying itself as LulzSec claimed credit for the fake article on Tupac Shakur, which the group said was retaliation for a documentary, “WikiSecrets,” about the publication of classified documents on the WikiLeaks website and the Army intelligence analyst who has been charged with leaking them. “By the way, #WikiSecrets s—,” a message to PBS said. While the attack was more akin to graffiti than burglary, it underscored the threats companies now face.

PBS on Monday said it had corrected the false information on its website and was “notifying stations and affected parties to advise them of the situation.”

The fake article first appeared late Sunday night on the PBS “NewsHour” news blog, “The Rundown.” The group then posted a string of Twitter messages in which it took credit for the breach, beginning with a post that read, “Oh s—, what happened to @PBS?” followed shortly after by the post, “What’s wrong with @PBS…? How come their database is seized? Why are passwords cracked?  .” The group then posted links to pages with the login information for the PBS sites.

Shortly after the story was published, PBS “NewsHour” posted several messages on Twitter stating that the article wasn’t produced by PBS and that the site had been hacked.

Separately, Lockheed said Saturday evening that the company’s information-security team detected its attack “almost immediately and took aggressive actions to protect all systems and data.”

“Our systems remain secure; no customer, program or employee personal data has been compromised,” the company said. Lockheed said it was conducting an investigation and that it “has continued to keep the appropriate U.S. government agencies informed of our actions.”

White House Press Secretary Jay Carney told reporters Sunday that President Barack Obama had been briefed on Lockheed attack and that the damage was understood as “fairly minimal.”

Still, that attack is likely to ripple throughout the defense industry. Lockheed supplies some of the most sophisticated weaponry to the U.S. military and is a major provider of information technology to the federal government. The company, based in Bethesda, Md., also is a top international supplier of military and security hardware, employing around 126,000 people world-wide.

Speculation around the Lockheed attack centered on whether hackers may have breached the system by exploiting a vulnerability in SecurID electronic keys made by RSA. In a memo to employees on Sunday, Lockheed Chief Information Officer Sondra Barbour said the company “took swift and deliberate actions” to step up security, including shutting down a virtual private network, resetting user passwords and upgrading SecurID tokens, among other measures.

In South Korea, prosecutors believe North Korea was behind an attack on a large farm cooperative, which couldn’t provide ATM, credit-card and online services for nearly a week after a system at its Seoul headquarters was accessed remotely. How law enforcement tracked the attack to North Korea wasn’t disclosed. But authorities said a link was made to the same Internet servers North Korea used in a 2010 denial-of-service attack against South Korean government websites. North Korea called the South’s accusation in the latest case “absurd” and “unreasonable.”

At Hyundai Capital, a pair of hackers in South Korea gained access to the company’s databases and downloaded personal information on 1.7 million customers. After the company contacted police, it agreed to pay part of what hackers sought. Police arrested the hackers after one was recorded by an ATM video camera as the hacker tried to withdraw some of the ransom. The company has since revamped its IT operation and begun an overhaul of its cybersecurity.

—Ian Sherr
contributed to this article.

Write to Ben Worthen at ben.worthen@wsj.com, Russell Adams at russell.adams@wsj.com and Evan Ramstad at evan.ramstad@wsj.com