-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private]
Sent: Friday, August 03, 2001 8:58 AM
To: daily@private
Subject: NIPC Daily Report 3 August 01

Significant Changes and Assessment - Nothing Significant to Report

Private Sector - The Code Red worm continued its attack on the Internet on 2 August, infecting about 5,000 new computers an hour; however, its assault was blunted by people applying protective patches to their vulnerable computers, experts said. "It's continuing to infect systems at a steady rate, about 5,000 per hour," said Alan Paller of the System Administration, Networking and Security (SANS) Institute. "Something is causing the number of scans to go down." There were an estimated 267,600 infected computers by late afternoon on 2 August, compared to more than 280,000 when the worm spread in mid-July, according to SANS. Only 100,000 to 170,000 of those were believed to be still scanning and looking for other victims because they've been patched, Paller said. Rebooting the computer kills the worm on infected computers and applying a free software patch prevents future infection. (Source: Reuters, 2 August)

Cisco has discovered two vulnerabilities in their SN 5420 Storage Router. One can cause denial-of-service attacks; the other allows unrestricted low level access to the router. The vulnerabilities affect releases of the SN 5420 Storage Router software up to and including 1.1(3). There is no workaround, though the problem can be mitigated by blocking access to ports 513 and 8023 on the network edge. The release 1.1(4) of the software contains a fix for both vulnerabilities. Cisco is also offering free software upgrades for all affected customers. (Source: Securitywatch.com, 2 August)

A major security flaw has been discovered on a site called RegWeb.com that revealed hundreds of customer credit card numbers on a back end registration system, Interactive Week has confirmed. Representatives for RegWeb, a conference registration service and software provider, first found out about the hole on 27 July, when someone posted a link to the Web site of credit card numbers to a hacker chat room. It's estimated around 300 to 400 credit card files were left in the open. Mark Johnson, a developer at RegWeb, said he thought the problem had been fixed but apparently it wasn't. "We notified the client that it happened to and have been working with them," Johnson said. "Then we've been doing all we can to plug the holes." The client was 877Chicago.com, which provides online bookings for people traveling to Chicago. (Source: Interactive Week, 2 August)

Government - According to a recently prepared GAO report, the Commerce Department's computer networks, which contain some of America's most valuable business secrets, have security holes easily accessible to Internet criminals. Senior department officials are scheduled to face lawmakers about the problems on 3 August. The GAO report states that the department as a whole was put at risk by the security holes. "Individuals, both within and outside Commerce, could gain unauthorized access to these systems and read, copy, modify and delete sensitive economic, financial, personnel and confidential business data," the report says. "Moreover, intruders could disrupt the operations of systems that are critical to the mission of the department." GAO investigators listed no incidents in which hackers had actually broken into Commerce computers, but said the department probably wouldn't be able to detect them in time to prevent damage. (Source: Associated Press, 2 August)

State and local law enforcement agencies are going to the Internet in order to fight computer-related crime more effectively. The National Association of Attorneys General (NAAG) is pulling together a list of people responsible for investigating and prosecuting cybercrime in their particular jurisdictions, and who can provide assistance to law officers seeking electronic evidence stored outside their states. NAAG representatives said that as the use of the Internet by criminals increases, requests are increasing dramatically for stored electronic evidence from Internet service providers. The organization's list stems from remarks made early last year by then-Attorney General Janet Reno about the idea of a "24/7 network" offering assistance in fighting computer crime, said Kim Herd, the project's director at NAAG. (Source: Federal Computer Week, 2 August)

Lawmakers on the Senate Judiciary Committee on 2 August postponed plans to introduce legislation designed to encourage businesses to share information on cyber-attacks with the government and each other. Senators Robert Bennett, R-Utah, and Jon Kyl, R-Ariz., had been scheduled to introduce a bill on 2 August that would allow private sector companies to share vulnerability information with the government without fear that the sensitive data could be obtained through a Freedom of Information Act (FOIA) request. The legislation will be similar to a bill introduced in July by Representatives Tom Davis, R-Va., and James Moran, D-Va., but will also differ in several key respects, according to industry sources who helped to draft the bill. (Source: Newsbytes, 2 August)

International - NTR

Military - NTR

U.S. SECTOR INFORMATION:

Banking and Finance - NTR
Telecommunications - NTR
Water Supply - NTR
Gas and Oil Storage Distribution - NTR
Government Services - NTR
Transportation - NTR
Emergency Services - NTR
Electrical Power - NTR

NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC of the FBI.