-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Thursday, September 06, 2001 7:27 AM To: daily@private Subject: NIPC Daily Report 6 September 01 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in this report nor does this constitute endorsement by the NIPC of the FBI. Significant Changes and Assessment - No significant changes Private Sector - A 21-year-old man was sentenced on 5 September to four months in prison for breaking into two computers owned by NASA's Jet Propulsion Laboratory in 1998 and using one to host Internet chat rooms devoted to hacking, prosecutors said. Raymond Torricelli of New Rochelle, New York, who pleaded guilty late last year to the crimes, was also sentenced to four months of home confinement, a spokesman for the U.S. Attorney's Office said. U.S. District Judge Michael Mukasey of Manhattan federal court also ordered him to pay $4,400 in restitution to NASA. Torricelli said he had been a member of a hacker group known as ``#conflict'' and that he used his home computer in 1998 to break into the two NASA computers at the Jet Propulsion Laboratory in Pasadena, California. Court papers said NASA spent several thousand dollars to remedy the intrusions. (Source: Reuters, 5 September) Trend Micro has secured the patent for a technique to detect malicious code in Java applets, which it believes will help protect mobile devices and phones for the next wave of computer viruses. Trend believes its technology gets around the limitation of the limited memory of mobile phones in order to scan for the action of malicious Java or ActiveX applets. Most of major anti-virus vendors are developing software that will protect phone and handhelds from malicious code, even though the problem is largely theoretical.. (Source: The Register, 5 September) Kaspersky Labs announces the detection of the Internet worm "Lara," the first malicious program that spreads in Desktop Themes files. Kaspersky Labs has received two reports of infections by this worm. "Lara" spreads exclusively via Internet Relay Chat (IRC), transferring the "LaraCroft.theme" worm-carrying file to remote computers. The file name is presented to users in a deceitful way, masking itself as a Windows desktop decorating application according to the "Tomb Raider" theme. Upon starting the infected file, "Lara" scans the available disks, searching for the location IRC-related programs (mIRC client), and modifies their system files. As a result, the worm sends out its copies to all users connected to the same IRC-channel as the infected computer. (Source: Infosec News, 5 September) International - Cyber stalkers in Australia may soon face a maximum five-year jail sentence if the state of South Australia outlaws it under new proposals that would prohibit the use of the Internet or e-mail as a platform to publish or transmit offensive material that may be threatening. South Australia criminalized stalking in 1994. The more recent and equally sinister phenomenon of cyber stalking now faces a similar purge. The term "cyber-stalker" is defined by South Australia Attorney General Trevor Griffin as someone who sends e-mails to his or her victim, seeks to contact the victim through chatrooms, posts information about the victim on the Internet, or directs the victim to offensive or threatening Web sites. (Source: SecurityWatch, 4 September) The UK government is backing plans to create the UK's first "hacking exchange," which will allow IT companies to share information on sensitive security breaches and cybercrime. The Computing Software and Services Association (CSSA) and the Alliance for Electronic Business (AEB), the UK's two largest bodies representing technology companies are fronting the initiative and hope to set up the exchange early next year. The proposed hacking exchange, to be called UK-Saint, is backed by the Department of Trade & Industry and the Office of the e-Envoy, a cabinet Office unit. (Source: Infosec News, 5 September) Government - Michigan's Attorney General Jennifer M. Granholm announced that four individuals have been charged with felonies in three separate cases for illegally "breaking into" the computers of others. Granholm said: "These cases show the need for computer owners everywhere to be ever watchful over their computer systems. Just as you have to be careful that you don't leave your front door wide open when you go on vacation, you can't leave your computer unsecured either." Additional details on these cases can be viewed in a press release at: www.ag.state.mi.us. (Source: Michigan Attorney General, 5 September) Military - NTR U.S. SECTOR INFORMATION: Telecommunications - On 5 September, Verizon Wireless repaired a problem that exposed private information about cell phone customers who used one of its Web sites. The privacy flaw, discovered by a Seattle software developer, enabled unauthorized individuals to browse some customers' account information, including billing details. According to Brian Wood, executive director of corporate communications, the firm determined that the vulnerability only affected customers in the western and mid-western US; in markets formerly served by AirTouch Cellular. As a result of the privacy fix, the billing system now generates session IDs randomly, said Wood. The company has determined that its Web sites serving other wireless markets are not similarly vulnerable. (Source: Newsbytes, 6 September) Banking and Finance - A hacker allegedly intercepted a file containing purchase data from a Washington, D.C., area online merchant causing several banks to cancel and reissue thousands of Visa debit cards. First Virginia Banks Inc. in Falls Church, Va., began notifying 500 of its customers of the compromise of their card numbers and expiration dates, telephone numbers and addresses. Atlanta-based SunTrust Banks Inc. with branch offices in northern Virginia, Washington, and Maryland also began monitoring several customer accounts that may have been compromised. Two weeks ago, Washington-based Riggs Bank sent letters to 3,000 of its customers informing them that a local online merchant's customer database containing their Visa debit card numbers had been hacked into and compromised. Officials at First Virginia, Riggs, and Visa declined to name the merchant where the customer data originated. Visa declined to say whether the data was taken directly from a system belonging to the merchant or from one of the many companies that process electronic payments between online retailers and Visa. Because Visa debit cards are linked directly to customer checking accounts, officials at both First Virginia and Riggs are urging users to destroy their cards and inspect their next bank statements carefully. A security official at First Virginia told customers that the merchant would be notifying them of the incident by e-mail "within a couple of days." (Source: ComputerWorld, 5 September) Emergency Services - NTR Water Supply - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR Electrical Power - NTR Transportation - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:24:37 PDT