-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private]
Sent: Thursday, June 21, 2001 9:27 AM
To: daily
Subject: NIPC Daily Report 21 June

Significant Changes and Assessment - No significant changes.

Private Sector - (U) A newly discovered bug in Solaris could allow attackers to run malicious programs on servers with Sun's operating system installed. The buffer-overflow bug, in an operating system component that enables network users to print on devices connected to a Solaris server, was publicized by Internet Security Systems (ISS) on 19 June. According to the ISS advisory, all versions of Solaris from 2.6 through 8 install and enable by default the buggy component, known as the "LPD daemon." Because it is designed to provide extensive functionality to remote users, LPD could be exploited to run code of an attacker's choice on the target system with super-user privileges. A Sun Microsystems spokesperson confirmed that the company is developing patches to correct the problem. The advisory can be viewed at http://xforce.iss.net/alerts/advise80.php. Sun Microsystems' security site can be viewed at http://www.sun.com/security. (Source: Newsbytes, 20 June)

Government - (U) Before Congress moves to stem the rising tide of identity theft that has been heralded by the Internet revolution, lawmakers need more information about what statutes and enforcement mechanisms are already in place to protect citizens, House Energy & Commerce Committee spokesperson Pete Sheffield said on 19 June. On 18 June, House Energy & Commerce Committee Chairman W.J. "Billy" Tauzin, R-La., sent a letter to U.S. Attorney General John Ashcroft, urging the Justice Department to provide information about what steps it is currently taking to prevent identity theft. Tauzin and others on the committee want to know what tools the Justice Department already has at its disposal to combat identity theft, Sheffield said. Tauzin is specifically interested in what laws currently on the books address the practice of "pretexting," that is, the practice by identity thieves of misrepresenting themselves to obtain sensitive data from banks, financial institutions, etc. (Source: NewsBytes, 19 June)

Military - (U) The joint command and control system needed to transform the U.S. military may be a DoD version of America Online. DoD Online (DOL) could allow commanders to create a virtual headquarters manned with experts from across the military, government, academia and the commercial sector. Because the DOL prototype is composed of relatively inexpensive, commercially available technologies, officials at Joint Forces Command and in the Pentagon say it could render obsolete many current command, control and communications efforts - such as the multibillion-dollar Joint Tactical Radio System, and contracts that are tailored to one service, the way the Navy Marine Corps Intranet is. DOL was developed by the experimental division of Joint Forces Command in Norfolk, Va. and includes, among other things, instant messaging, online chats and the ability to locate users online, and enables the sharing of programs and capabilities such as PowerPoint slides and 128-bit encryption without having to download the programs onto every computer. DOL also could eliminate the need for tactical radios, saving billions of dollars and dramatically reducing the need for bandwidth, a commodity in short supply, proponents say. (Federal Computer Week, 18 June)

International - (U) On 19 June protesters threatened to use "cyber sit-ins" to derail a high-profile development conference organized by the World Bank, after the Washington-based body announced it would hold the conference online to avoid demonstrations. The bank is the latest casualty of the increasingly violent climate surrounding international summits since protesters disrupted global trade talks in Seattle at the end of 1999. It decided to hold its annual conference on development economics on the Internet after thousands of protesters threatened to descend on Barcelona, Spain next week, the original venue. But the emerging anti-globalization protest movement warned that a virtual conference was just as vulnerable as a live gathering. (Source: The Guardian (UK), 20 June)

(U) The 20-year-old Dutchman who said he created and unleashed the Anna Kournikova e-mail worm will be prosecuted, Dutch authorities said on 20 June. The man is charged with the spreading of data via a computer network with the intent to cause damage, a crime punishable by 4 years in prison and a maximum fine of 100,000 Dutch guilders ($38,770) in certain courts in the country. However, because the public prosecutor decided to try the case in a lower court, the maximum penalty is six months imprisonment, up to 480 hours of civil service and a fine. (Source: IDG News Service, 20 June)

(U) A high-ranking Taiwanese military officer reportedly revealed that Taiwan's armed forces should undergo a major change in the priority of their modernization. In addition, the priority order of "command of air, command of sea, and anti-landing battle," which has been put into practice for many years, has been readjusted and the new priority order is this: "command of electronic warfare, command of air, command of sea, and anti-landing battle." The change means that Taiwan's armed forces will switch their focus from traditional army building to one that gives priority to IT and electronic warfare. Taiwan's IT warfare unit, the "Tiger Group," was formally established on 1 July. In its routine news conference yesterday, the Ministry of National Defense briefed Chinese and foreign reporters on the development of Taiwan's IT warfare capability. (Source: Liberty Times, 20 June)

(U) A so-called "cyber demonstration" on 20 June, held to protest Lufthansa's role in the deportation of illegal aliens from Germany and designed to disrupt the Web site of German airline Lufthansa, was a flop, according to company officials. Using software designed for the Lufthansa cyber demonstration and downloaded from the Internet, demonstrators began flooding the Web site with hits. However, Lufthansa had been making preparations to defend its Web servers from attack, and they paid off, according to a company spokesman. He stated that, though the airline's Web site functioned a bit more slowly during the first 10 to 15 minutes of the planned two-hour demonstration, it stayed up and running the whole time. However, Sven Maier, a spokesman for Libertad, one of the organizers of the protesting groups, claimed that Lufthansa's Web site was down for 10 minutes. When asked about Maier's assertion that Lufthansa's Web site was down, a Lufthansa spokesman denied it. "It was not down one second," he said. (Source: NewsBytes, 20 June)

U.S. SECTOR INFORMATION:

Banking and Finance - (U) A Russian computer hacker was indicted on federal charges on 20 June for allegedly breaking into e-commerce computers and stealing credit card and bank account numbers. Alexey Ivanov, 21, also allegedly tried to extort money for "security services" from one company. A federal grand jury indicted him on 15 counts, including wire fraud, computer hacking and extortion, the U.S. attorney's office said. He could face up to 90 years in federal prison if convicted on all counts. Ivanov currently is in Rhode Island, awaiting trial on related charges in Connecticut and Seattle. Ivanov and Vasily Gorshkov, 25, both of Chelyabinsk, were arrested last month for investigation of conspiracy and fraud. Gorshkov is awaiting trial in Seattle. The FBI alleges that they broke into the computer systems of more than 40 businesses in 10 states, threatening to release or destroy financial records unless they were paid. The two were arrested in November in Seattle when they responded to an employment offer from a phony computer security company set up by FBI agents. The new indictment against Ivanov alleges that he and other international hackers tapped into computers owned by CTS Network Services, a San Diego-based Internet service provider. He allegedly used the service to attack e-commerce companies, including credit card processors Sterling Microsystems of Anaheim, Transmark of Rancho Cucamonga and NaraBank of Los Angeles. (Source: Associated Press, 21 June) (NIPC Comment: Ivanov and Gorshkov's computer activity was originally reported on 5 June)

Emergency Services - NTR
Government Services - NTR
Water Supply - NTR
Gas and Oil Storage Distribution - NTR
Electrical Power - NTR
Transportation - NTR
Telecommunications - NTR

NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI.