Inauguration Security Sets a Record by Itself!

The inauguration of the forty-fourth president, Barack Obama, will have a security force larger than what is currently deployed in Afghanistan to ensure it is a safe and sane event. The human resources securing the event will include Secret Service personnel, almost 30,000 National Guard troops, close to 1,000 FBI personnel, 8,000 police officers, TSA screeners and other more obscure assets.

The security assets deployed for this event are so numerous, I had to read several mainstream news articles and press releases just to try to determine how many agencies were involved. Even after doing this, I would guess there are some that are not being publicly disclosed for good reasons.

Michael Chertoff, Homeland Security Secretary, will be on-hand himself and operating from a multi-agency command center. The command center will have representatives from 58 federal and local agencies. These representatives, who will all be in the same room, will give those involved in the event the ability to instantly communicate with each other.

The command center is live as of this writing and will remain in operation until 4:00 p.m. (Eastern Standard Time) on Wednesday. This is, of course, unless something happens and it needs to remain in operation longer.

Chertoff believes this will be the most complex security event ever mounted, but also mentioned to CNN that he is worried about the cold weather and the impact it might have on unprepared visitors. We need to remember that a lot of unfortunate things can occur when a mass of human beings gather. Unlike most of Bush's administration, Chertoff will remain on duty until after the inauguration is over.

An official press release from Secretary Chertoff, District of Columbia Mayor Adrian M. Fenty, Maryland Governor Martin O’Malley and Virginia Governor Timothy M. Kaine on the inauguration can be seen on the DHS site.

I found more information about inauguration security on the Secret Service site, which states that the FAA (Federal Aviation Administration) will be stepping up security on the air corridors around DC and the Coast Guard will patrol on the Potomac. It also mentions that the police involved will be from the Washington Metropolitan, Park and Capitol departments. If you are attending the event, or live in the area, it has a list of road closures that will be in effect during the inauguration.

The FBI is deploying lot of high-tech security devices including mobile command centers, mine-resistant ambush-protected vehicles, bomb containment vessels and bomb technician vehicles, which resemble a mobile-home.

Mine-Resistant Ambush-Protected Hummer

In addition to the high-tech specialty equipment being deployed by the FBI — they will have a SWAT Team, Hazardous Materials Response Team, Bomb Technicians, an Underwater Search and Response Team and Crisis Negotiators — at the ready to handle a crisis scenario.

Mobile Bomb Containment Vessel

The military personnel — who will be mostly National Guard troops because of a law that prohibits active duty personnel from engaging in domestic law enforcement duties — will have assignments in the events, also. These include providing bomb sniffing dogs, NBC (Nuclear, Biological and Chemical) teams, transportation and communications units.

According to all of the officials involved, there is no specific threat they are worried about. Although some of the pundits are complaining that the security for this event is too intense, the proof in the pudding will be allowing them to claim they were right after it is all over. If that is the case, nothing will have happened and these measures will have accomplished their goal!

Social Security employee causing $2.5 million in credit card fraud reveals how easily information is stolen from within

Recently, I blogged about a former IRS employee, who committed $330,000 of retail refund fraud (basically shoplifting) in nine states. This morning, I read about a former Social Security Administration employee, who caused an alleged $2.5 million in credit card fraud by providing detailed information on victims to an external identity thief.

Sharon Gaudin at Information Week writes:

The indictment alleges that Batiste conspired with her cohort Craig Harris and others by agreeing to access the Social Security Administration's computer system to run search queries for Harris.

Harris, a 50-year-old Los Angeles resident, pleaded guilty in September to conspiracy and unlawful possession of a means of identification. Harris, who faces a maximum sentence of 10 years in prison, is scheduled to be sentenced on July 17.

The government contends that Harris would give Batiste some identifying piece of information about someone -- either a name or Social Security number -- and Batiste would then query the government system to pull up enough other identifying information to put the person's identity at risk.

Information Week article, here.

According to the article, the arrest was the result of the work of the Economic Crimes Task Force, which includes both federal and local assets in Southern California.

Last October, I wrote about a task force in Southern California responsible for catching a lot of insider related (employee) identity theft. My post is still up, but the link to the LA Times article is now down and nothing else can be found about it on Google.

I suppose insider problems aren't as newsworthy as large scale data-breaches, involving highly skilled hackers. The reason for this might be that they are embarrassing to the organization involved, and they don't help sell expensive (computer related) security fixes.

In fact, a trusted insider, can normally get past all the above referenced security fixes, simply because they have access.

And if you think about it, retail, restaurant and clerical employees have access to a lot of information. It's a lot easier to bribe, or even place a person inside an organization to steal information than hack it from the outside.

Trust me, it's going on in the business (and it appears) civil service worlds, daily.

Perhaps, all the experts, should take a closer look at this problem and how to control it.

Here's a previous post, I wrote on this subject, where the Secret Service is doing this:

Secret Service is Studying the Problem from Within

LA County has a hot line to report government employees committing fraud. The information to contact it can be found, here.

The FBI has also set up a place, where anyone can report public corruption, here.

A lot of large companies have a dedicated hot line to report internal problems, or you can ask to speak to someone in their security department. Smaller businesses normally don't have these resources, but most owners would be highly interested if someone working for them was stealing.

It's not good for business!

In some instances (not all), there are financial incentives for reporting insider dishonesty.

If you are worried about safety issues, I always recommending doing this, anonymously.

Secret Service is Studying the Problem from Within

The USSS (Secret Service) is studying how dishonest "insiders" can pose a large problem to organizations.

Here's what they say about it in their press release:

The report released today focuses on the people who have had access to and have perpetrated harm using information systems in the banking and finance sector, which includes credit unions and financial institutions. The findings underscore the importance of organizations’ technology, policies and procedures in securing their networks against insider threats, as most of the cases showcased in the report were perpetrated by insiders with minimal technical skills. Various proactive practices are among the suggestions offered by the report.

“With the potential for cyber crime and network intrusion expanding rapidly around the globe, the importance of cooperation with our partners in the private sector is greater than ever,” said Secret Service Director W. Ralph Basham. “The Insider Threat Study is a solid example of the role the Secret Service and its partners can play in understanding threats and helping to prevent serious crimes such as network intrusions, identity theft and financial fraud.”

Link to press release, here.

Link to full study, here.

I have no doubt that individuals and even people planted as "insiders" pose a serious threat to the safety/security of any organization. Information is worth a lot of money and getting an asset on the inside makes stealing it, pretty easy.

There is a report by the Privacy Rights Clearinghouse, I quote often, which shows that the reason for a lot of data breaches is never discovered, here.

I wonder if any of them were inside jobs?