-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private]
Sent: Friday, June 29, 2001 9:03 AM
To: daily
Subject: NIPC Daily Report 29 June 01

Private Sector - A national survey in the U.S., conducted in early June by Camelot and eWeek magazine, has concluded that the vast majority of IT security crimes are committed by authorized personnel. It also found that layoffs, mergers and acquisitions increase the chances of an IT security breach. Camelot says that the results highlight the fact that companies are placing greater emphasis on IT security issues by increasing internal IT network security budgets within the last year. Of the respondents, 57 percent cited users accessing resources they shouldn't be entitled to as a cause of network security breaches. In addition, 43 percent of respondents indicated security breaches were caused by user accounts being left open after an employee has left the company. Nearly half of the companies surveyed are increasing the budget for network security software and hardware, while one in three companies has an annual budget specifically allocated to maintain and/or upgrade a network security system. Of those companies, 40 percent have an annual budget of at least $100,000 for network security systems. (Source: InfoSec News, 28 June)

An Internet worm that automatically defaces Web sites claimed another high-profile victim today, redecorating the home page of a site operated by Lycos' Quote.com investment service. The Sadmind/IIS worm replaced the home page of Quote.com's Virtual Advisor Portfolio Tracker site with its trademark anti-American message in red letters on a black background. The defacement was still viewable this morning. The free Virtual Advisor service, located at http://vaweb.quote.com, enables investors to track their investments online but does not allow trading of securities or other financial instruments.
A Lycos spokesperson said that the company is investigating the security breach and had no immediate comment. (Source: Newsbytes, 28 June) (NIPC Comment: The NIPC's Malicious Code Team will continue to monitor this worm and will advise of changes as warranted.)

Flaws in Cisco Systems software for routers, switches and firewalls could give attackers complete control over the widely used equipment that supports the bulk of the Internet's backbone. On 27 June, the San Jose, California-based company posted advisories on the vulnerabilities, which affect any device running Cisco Internet Operating System (IOS) software version 11.3 and later, as well as Cisco software supporting Secure Shell protocol (SSH), including firewalls. Security Focus incident analyst Ryan Russell said most systems are not vulnerable to attack because network and firewall administrators are not using the flawed SSH capabilities. According to an advisory from the CERT Coordination Center, equipment affected by the software flaws includes Cisco IOS systems using local authentication databases with the HTTP server enabled. (Source: News Factor, 28 June)

Government - On 27 June, the Commerce Department formally approved the new standard for the minimum level of cryptography in federal security products, replacing a standard that had been in effect for seven years. This approval will require that security products used by agencies for sensitive, unclassified information be certified under the National Institute of Standards and Technology's (NIST) Federal Information Processing Standard (FIPS) 140-2, Security Requirements for Cryptographic Modules. The new FIPS 140-2 standard, replacing FIPS 140-1, goes into effect 25 Nov. and covers four increasing levels of security, to encompass a range of applications. NIST maintains a list of vendors and modules with FIPS 140-1 and 140-2 validation on its Web site.
(Source: Federal Computer Week, 28 June)

The flurry of cybercrime-related bills, over three dozen, is enough to make anyone think federal lawmakers are making combating Internet abuses and protecting Web surfers a top priority. However, pundits say the steady stream of digital legislation is more political than a concerted effort to tame the Wild-Wild Web, and that the bulk of the bills deal more with issues like online pornography and libel than protecting information infrastructures. However, a growing concern in the private sector is that new cybercrime and security laws will come with specific technology requirements. Other proposed federal bills would simply duplicate existing state cybercrime statutes. Federal statutes that supersede states' laws are a high priority for some industry groups, which believe broad national statutes are better than a patchwork of 50 different standards. Observers say they expect most Capitol Hill cybercrime debates will continue to deal with privacy concerns. Likewise, the business sector will continue to oppose any laws or regulations that will cost them money, such as laws requiring the archiving of huge amounts of data for forensics purposes. (Source: Security Wire Digest, 28 June)

Defacements - According to the Web defacement mirror site Alladas.de, the following U.S. government and military sites were defaced on 29 June by the hacker indicated:

- BioCAT Facilities at the Advanced Photon Source located at the Argonne National Lab web site (www.bio.aps.anl.gov), defaced by BluePanda
- U.S. Navy A21 Acquisition Related Business Systems site (www.peoarbs.navy.mil), defaced by tty0

Military - NTR

International - In South Korea, computer-related crimes among youth are increasing steadily, according to a police report released on 28 June.
Conducted by the Cyber Crime Investigation Division of the Gyeonggi police, the survey found 636 reported cases of cyber crime in the Gyeonggi region this year, almost a three-fold increase from 222 last year. "The rise in youth crimes shown by the survey reflects the larger issue of the upward trend in cyber crimes," said Kim Gi-Cheon, a police sergeant of the Cyber Terror Response Center. As to the type of offenses, 449 involved forging of electronic documents or other general crimes. The remaining 187 involved hacking or cyber terrorism. The general crimes included 247 offenses of illegally using the Internet and game sites, 43 libel cases, 39 cases of personal information infringement, 35 cases of distributing lewd material or promoting suicide sites, 21 cases of pirating pornographic material and programs, and two cases of sexual assault. The types of cyber terror offenses included 114 cases of misappropriation of other people's information, 30 cases of illegally circulating personal and official information, 11 cases of spam mail and five cases of spreading computer viruses. (Source: Seoul The Korea Herald, 29 June)

U.S. SECTOR INFORMATION:

Banking and Finance - NTR
Emergency Services - NTR
Government Services - NTR
Water Supply - NTR
Gas and Oil Storage Distribution - NTR
Electrical Power - NTR
Transportation - NTR
Telecommunications - NTR

NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI.