Christie and G.O.P. Repay State for Helicopter Flights

Mr. Christie insisted that he had done nothing wrong and that he had made the payments — a day after his office said he would not — just to put to rest an issue that suddenly dominated news coverage in the state. And he had some scathing words, even by his sharp-tongued standards, for Democrats, political pundits and journalists.

“I am not going to allow the media and the hacks in the Democratic Party to turn this into something that allows them to do what they always like to do, which is get away from serious issues where you have to make hard choices for things that matter, because they want to have a circus,” he said during a visit here for a bill-signing.

Of the Democrats and others who said his helicopter use might have been illegal, Mr. Christie said, “These guys are a joke.”

He added, “They know full well, full well, that it was none of that stuff at all.”

He lashed out at one Democratic legislator who announced plans to hold a hearing on the matter, and at another, Assemblywoman Valerie Vainieri Huttle, who had said that leaving his son’s game in the fifth inning on Tuesday to meet with the fund-raisers “says something about the governor’s priorities.”

“She should really be embarrassed at what a jerk she is,” Mr. Christie said.

Joseph Cryan, the Assembly majority leader, lashed back on her behalf, saying, “The governor needs to learn some decency.”

Mr. Christie’s critics have accused him of hypocrisy for taking the flights while preaching austerity. But he has used State Police helicopters far less than his predecessors, including some who flew in them hundreds of times a year. On Thursday, his office released a log of the 33 times it said he had used the aircraft since taking office in January 2010, all but two for official business.

His son Andrew is on the baseball team at Delbarton School in Morristown, which is in the state high school championship playoffs, and Mr. Christie flew to attend the games last Friday and on Tuesday.

On Tuesday, he flew from Trenton to the game in Montvale, at the northern end of the state, and then to the governor’s mansion in Princeton to meet with Republican fund-raisers from Iowa who, Mr. Christie said, tried and failed to persuade him to run for president in 2012. (“They didn’t ask about 2016,” he said, “so I didn’t rule it in or rule it out.”)

On Thursday, the governor paid the state $2,151.50 for the personal trips, and at his request, the state Republican Party paid $1,232.29 for the political leg of the trip Tuesday.

Mr. Christie said he would not change his traveling habits, but would not say whether he would reimburse the state for any future flights. “My son’s next game is tomorrow in Sparta,” he said, adding that he thought he would have time to drive.

The governor appealed for understanding of his role as a father of four. And he drew a contrast to his predecessor, Jon S. Corzine, saying that the alternative to helicopter use was to have the State Police speed him around as they did Mr. Corzine — and risk the kind of near-fatal accident Mr. Corzine had.

The State Police have said that the helicopter trips cost the state no additional expense, because the aircraft are aloft daily, whether or not they are needed for emergencies, to give the pilots experience.

Asked if using the helicopters at a time of deep budget-cutting was politically tone-deaf, Mr. Christie said, “I understand the perception issue.” But he added that he thought the State Police statement would make it disappear.

View the original article here

E-Mail Fraud Hides Behind Friendly Face

But what if the e-mail appears to come from a colleague down the hall? And all he asks is that you add some personal information to a company database?

This is spear phishing, a rapidly proliferating form of fraud that comes with a familiar face: messages that appear to be from co-workers, friends or family members, customized to trick you into letting your guard down online. And it has turned into a major problem, according to technology companies and computer security experts.

On Wednesday, Google disclosed that it had discovered and disrupted an effort to use such pinpoint tactics to steal hundreds of Gmail passwords and monitor the accounts of prominent people, including senior government officials. Secretary of State Hillary Rodham Clinton said Thursday that the F.B.I. would investigate Google’s assertion that the campaign originated in China.

Such tactics were also used in an attack on a company called RSA Security, which security experts say may have given hackers the tools to carry out a serious intrusion last month at Lockheed Martin, the world’s largest military contractor.

The security specialists say these efforts are a far cry from more standard phishing attempts, which involve spraying the Internet with millions of e-mails that appear to be from, say, Citibank in the hope of snaring a few unfortunate Citibank customers. Spear phishing entails sending highly targeted pitches that can look authentic because they appear to come from a trusted source and contain plausible messages.

As such, the specialists say, the overtures are becoming very difficult for recipients to detect.

“It’s a really nasty tactic because it’s so personalized,” said Bruce Schneier, the chief security technology officer of the British company BT Group. “It’s an e-mail from your mother saying she needs your Social Security number for the will she’s doing.”

Mr. Schneier said the attacks are more like a traditional con game than a technically sophisticated intrusion. “This is hacking the person,” he said. “It’s not hacking the computer.”

Symantec, the computer security company, said it intercepted around 85 targeted attacks a day in March, including efforts to steal personal information through phishing or with links to nefarious software that could ultimately expose corporate files. The only month with more attacks was March 2009, when a surge coincided with a Group of 20 summit meeting.

Symantec said the most common targets were government agencies and senior managers and executives; the phishing of such big game is commonly referred to as “whaling.” Manufacturing firms were the targets of 15.9 percent of the attacks, compared with 8 percent for the financial sector and 6.1 percent for technology companies, Symantec said.

Hackers taking aim at corporations are often seeking new product designs and may focus on engineers at a defense contractor, for example, to get data they can sell on the black market.

Enrique Salem, Symantec’s chief executive, gave the example of an e-mail sent to the head of a company that appears to be from the Internal Revenue Service. The message raises questions about the tax implications of an acquisition, and the chief executive passes the message to others inside the company. Someone opens the attachment, giving the attacker access to the company’s internal network.

“It’s about getting you to do something to compromise the system,” Mr. Salem said.

In the case of the Gmail attacks, Google said they appeared to originate from Jinan, China, and were aimed at users like Chinese political activists, military personnel, journalists and South Korean officials.

The Chinese Foreign Ministry said Thursday that the government had no involvement in any such attacks, and that it “consistently opposes any criminal activities that damage the Internet and computer networks, including hacking, and cracks down on these activities according to law.”

It is not clear how the attackers obtained the Gmail addresses they used, although they could have been found inside other compromised accounts, including corporate or government accounts whose addresses are often easier to guess.

The attackers may have hoped to find some work-related e-mail in their victims’ personal Gmail accounts.

Mila Parkour, an independent security researcher who helped alert Google to the attacks, said she was tipped off to the campaign when one of the victims let her examine some suspicious messages.

John Markoff contributed reporting.

View the original article here