Now, You Know Why I Have Issues With Doctors

Jacksonville Police are looking for a guy who's been posing as a doctor at Wolfson Children's Hospital. To make matters worse, the guy was seen walking in the operating room. Wow, talk about a lawsuit!

The man was stopped because he smelled of alcohol and proceeded to leave once he realized his cover was about to be blown.

The following is a bit disturbing:

Later that day, an employee found the black computer bag the man was seen carrying. The bag was under a car in the parking garage and contained everything the man was seen wearing in the surveillance video, including a badge from Shands-Jacksonville Medical Center with a picture of a young child that was cut out and taped on the badge.

“That in and of itself shows you that this persons possibly was up to something but maybe his attempt was foiled,” Jacksonville Sheriff’s Office spokesman Ken Jefferson said.

The last comment by the spokesman was a bit disturbing because usually people don't impersonate professionals like doctors if they're not up to something. So how did he get access? He used the usual items like a medical coat, a badge, a stethoscope and a clipboard. I swear i you need to get into building in the world all you need is a clipboard and an ID badge.

Time for a Product Review - IronKey

Let me say I was a bit skeptical at first. But one day, while listening to my favorite podcast - SecurityNow, I became intrigued by IronKey. If you know me, then you know "intrigued" usually me spending hours on Google learning as much as I can before I put down the cash to buy anything. I did just that.

I'm avid user of encryption so I have a slightly above basic understanding of how encryption works. Looking into the product, my first impression was that it was just another USB drive with the software on it. Nope. This thing has the encryption on its RAM chip - embedded. To say the least, I was impressed. The casing is almost indestructible without destroying the chips inside. It even has an aluminum backing which you use to engrave you signature in pen - very thin overcoat. It also has a serial number.

To make it sound even cooler - would you believe this thing has a self-destruct sequence? I'm not talking about Mission Impossible countdowns, but it only gives you ten tries to guess the wrong passphrase and then it destroys your data to include the encryption making the drive useless. I love this thing. I HIGHLY recommend this product. Did I forget to mention that IronKey also has its own TOR router with FireFox preloaded? Very cool!

Chinese Really Dig Cyberwarfare...You Think?

My ultra-favorite security magazine Security Management has written an articlle detailing the testimony of certain government officials and contractors before the U.S.-China Economic and Security Review Commision. They informed the panel "that the Chinese government has embraced cyberwarfare and is directing its intrusions at U.S. government and critical infrastructure networks." According to Colonel Gary D. McAlum, director of operations for the Joint Task Force for Global Network Operations,

"The People's Republic of China has concentrated primarily on cyber-reconnaissance, particularly data mining, rather than cyberattacks."

What about all of the attacks originating from China we've been reading about? Don't fret. The Chinese have set a goal of 2050 to achieve "electronic dominance" through attacks on information infrastructure.

The DoD won't come out and say the world's second largest econoomy is vying for supremacy through hacking, it did note "a 31percent increase in malicious activity on its networks from 2006 to 2007." What attraction does cyberwarfare have fo such a country as China? It provide anonymity and an "asymetrical advantage", according to Dr. James Mulvenon, director of advanced studies and analysis for Defense Group, Inc..

Commission Co-chairman Peter T.R. Brookest cited attacks last spring on Estonia recalling that it wanted to evoke the collective defense clause of the NATO Charter and said "this is a question of escalation" moving from non-conventional to conventional, i.e. military, responses.

Mulvenon said there's no reason why the United States should restrict itself to trying to deter cyberattacks electronically. His next remark should sound familiar.

"We should ... begin with the premise that we have all the tools of ... national power, and in many cases it might not be to the U.S. advantage to respond to an electronic or cyberintrusion or cyberattack simply in that realm," he said. "We may, in fact, want to take advantage of escalation dominance that we have in other elements of national power, whether it’s military or economic."

CyberCommand anyone? What about this little tidbit from the article?

Michael R. Wessel said he fears that the perimeter security methods such as routers and firewalls used to protect against network intrusion are produced overseas, increasingly in China." Can we in fact have a secure perimeter," he wondered, "if in fact the Chinese are helping to build that perimeter?"

The nasty Cisco routers are keep creeping back into the blogosphere. For more information from Security Management, click here.