-----Original Message-----
From: NIPC Watch
To: daily@private
Sent: 8/27/01 8:12 AM
Subject: NIPC Watch Daily Report 27 August 2001

Significant Changes and Assessment - No significant changes

Private Sector - Symantec's Anti-virus Research Center has identified a potentially serious Active-based Trojan named "Offensive" that cracks the Windows registry on an infected PC and kills off the operating system. The Trojan is transferred via e-mail as an apparently innocuous .html web link. If it is executed, the target web page displays a button saying "Start" that, if pressed, destroys the system registry. On an infected machine it is impossible to run any programs and the OS will lock, preventing a system shutdown. Additionally, it prevents subsequent access to the operating system, even in Safe Mode. Symantec advised home computer users who have become infected with Offensive to seek professional advice, as the only way to repair the damage is using regedit from a DOS command line to fix the damaged registry strings. The anti-virus firm said that it was vital to apply the latest patch for Internet Explorer 5.5 to counter the Trojan. (Source: VnuNet, 24 August)

A hacker broke into a paintball company's Web site and sent out phony financial statements on 23 August, forcing the Nasdaq stock market to halt trading in the company's shares for more than two hours. After discovering its computer security had been breached overnight, Brass Eagle notified law enforcement officials, including the FBI. The hacker sent out misinformation about the company's finances in "hundreds, if not thousands" of e-mails, said Chief Financial Officer J.R. Brian Hanna. The attack prompted Brass Eagle to reaffirm its earnings guidance for fiscal 2001. The hacker had apparently entered their Web site and sent e-mails, ostensibly from the company, to addresses of people registered to receive company mailings. Hanna said computer security was being tightened at the company. (Source: Reuters, 23 August)

A Russian software programmer arrested on charges of violating a controversial US copyright law saw his arraignment postponed for one week as lawyers attempt to work out a settlement in a case which has prompted international protests. Dmitry Sklyarov had been scheduled to face charges on Thursday morning in San Jose federal district court, but a judge postponed it until Aug. 30 to allow the defense and prosecution more time to negotiate a possible deal, lawyers on both sides said. Sklyarov wrote a program for his Moscow-based employer, ElcomSoft Co. Ltd, that allows people using Adobe Systems Inc.'s eBook software to get around copyright protection controls, allowing them to copy digital books and transfer them to other computers. He was arrested on 16 July in Las Vegas after giving a talk on his program at the DefCon hacker convention. (Source: Reuters, 24 August)

International - While research and development companies in New Zealand are being targeted by offshore interests intent on stealing their work, one New Zealand security expert warns the dangers to small to medium-sized enterprises are even greater. KPMG New Zealand said that R&D institutes have managed to fend off the intruders. However, businesses in New Zealand are generally at risk of attack. The government's decision to create an agency, the Center for Critical Infrastructure Protections, will provide research and support for companies under attack. (Source: IDG News Service, 24 August)

Afghanistan's Taliban ruler has banned international aid organizations from using the Internet in a country that has no proper postal service and few working telephones. Mullah Mohammed Omar also barred government departments and domestic aid organizations from using the Internet, including to send e-mail. Mullah Omar's edict said the only Internet connection in Afghanistan would be in the southern city of Kandahar, where most of the senior Taliban leaders are based. Aid groups working in Afghanistan depend heavily on the Internet to communicate with each other and with their headquarters. (Source: Associated Press, 26 August)

Government - NASA Administrator Daniel Goldin has named David Saleeba, a 26-year veteran of the US Secret Service, to head up the agency's Office of Security Management and Safeguards, created in November 2000 to oversee NASA's physical security and portions of its information technology security. NASA created the Office of Security Management and Safeguards to serve as the single point of focus for security matters at the agency, including protection of the agency's classified networks and data. NASA's chief information officer's office will continue to handle all non-classified systems. (Source: Federal Computer Week, 24 August)

Military - The Defense Intelligence Agency (DIA) is seeking assistance in tracking computer network attacks on DoD systems that originate from an unspecified foreign country. DIA announced on 23 August that it intends to award a sole source contract to Veridian. Veridian will help the agency analyze incidents of network intrusions or cyberattacks on DoD networks from "computers located in a particular foreign country and other computers that show evidence of being under the control of people in that country," according to the announcement. The contractor will be required to collect intrusion data from DoD, service-specific CERTs and information warfare centers, analyze the data and provide a list of foreign IP addresses requiring further investigation. The contractor also will need to learn who the initiating host is and determine the level of threat. (Source: Federal Computer Week, 27 August)

U.S. SECTOR INFORMATION:

Water Supply - NTR
Gas and Oil Storage Distribution - NTR
Government Services - NTR
Emergency Services - NTR
Electrical Power - NTR
Telecommunications - NTR
Banking and Finance - NTR
Transportation - NTR