-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Friday, September 14, 2001 9:44 AM To: daily@private Subject: NIPC Daily Report for 14 September The NIPC Daily Report for 14 September NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - No significant changes. Private Sector - Consumer protection advocates are warning Internet users that scam artists are trying to take advantage of 11 September's terrorist attacks. Spam solicitations have urged citizens to donate money to the Red Cross or other relief organizations. However, the e-mails direct potential donors to private Web sites apparently designed to steal credit card numbers. One such e-mail discovered by the non-profit consumer group, "SpamCom Foundation," arrives from "expressrelieffund2001@private" with the subject line "Help for the Red Cross and the victims of our Nations tragedy." Instead of linking to a Red Cross site, the e-mail sends visitors to a privately-held Web site. Another scam urges consumers to buy phone cards with images of the New York City, promising to donate "donate 10% of the proceeds of the sale of this commemorative card" to victims. (Source: MSNBC, 13 September) International - The Deputy Municipal Prosecutor in Tuzla, has forwarded to the Tuzla Municipal Court a proposal to indict an individual for destroying the database of a US company that assists SFOR [Stabilization Force] by sending an e-mail with a virus. According to the proposed indictment, drafted on the basis of available information, interrogation of witnesses, and information technology experts' findings, the individual is suspected of having committed the criminal offense of "violating the privacy of letters or other mail." This case will thus become the first of trying hacking attacks on computer systems in the territory of Bosnia-Herzegovina. A team of court experts of information technology has been set up to gather relevant evidence on the complaint of the US company's representatives and they have established the relevant facts and written a report. (Source: Jutarnje Novine in Serbo-Croatian, 13 September) Stating that people should be able to use PCs and the Internet without interference, a Dutch public prosecutor has asked the court here to sentence the 20-year-old maker of the Anna Kournikova e-mail worm to 240 hours of civil service. The defendant in the case, Jan de Wit, turned himself in to the police in his hometown of Sneek, Netherlands, on February 14. A few days earlier, he had posted the e-mail worm to an Internet newsgroup and it then spread worldwide. De Wit is charged with the spreading of data via a computer network with the intent to cause damage. The crime is punishable by four years in prison and a maximum fine of approximately $243,000. The verdict is expected on September 27. (Source: IDG News Service, 14 September) On 13 September, the Chaos Computer Club, a German hackers organization, rejected calls from other hackers for an all-out assault on Islamist websites in response to the carnage in the US. Andy Mueller-Maguhn, spokesman for the club, said in an e-mail that the Internet could play a positive role following Tuesday's attacks, which left thousands dead. "Means of electronic communication such as the Internet can make an important contribution to further understanding between different peoples," he said. (Source: Agence France-Presse, 14 September) In China's first seizure of an Internet hacker, police have arrested a computer student suspected of littering government-run Web sites with pornography, the official Xinhua news agency reported. Police in the central province of Hubei detained 19-year-old Wang Qun last month on suspicion of posting erotica on the homepage of a well-known science Web site, the news agency said. Wang had bragged in Internet chatrooms about hacking into more than 30 domestic and overseas Web sites. Police investigations showed he had replaced the homepages of several government-run Web sites with pornographic images, it said. Fingers were pointed at Chinese hackers in July after an Internet worm dubbed "Code Red" disrupted US government Web sites with defacings that said "Hacked by Chinese," a popular term for breaking illegally into a computer system. (Source: ZDNet, 14 September) Hacker Fluffi Bunni redirected the traffic of thousands of UK Web sites, treating surfers to a rant against both religion and US economic imperialism and asks "for Mr Bin Laden and $5m in a brown paper bag." He performed this redirection by hacking into a domain name system server belonging to a UK registrar. (Source: VNUNet, 14 September) Military - Defense Department command and control networks continued to function normally despite 11 September's terrorist attack against the Pentagon, according to officials at WorldCom, which operates the global Defense Information Systems Network (DISN), handling all military communications traffic. State Department networks also continued to function normally, the WorldCom officials said. (Source: Infosecnews, 13 September) Government - NTR U.S. SECTOR INFORMATION: Transportation - Federal authorities have implemented new regulations for electronic airline tickets as part of tighter security at US airports, effectively taking away much of the convenience of online travel. Commercial airlines will no longer allow passengers holding e-tickets to receive a boarding pass by only showing photo identification. Passengers will have to present a printed receipt of their e-ticket purchase, according to representatives from online travel company Travelocity and Southwest Airlines. Also under the new restrictions, e-ticketed passengers will not be able to check in at the gate for their flights. Anyone without a ticket will not be allowed past airport security checkpoints, according to the new regulations. The changes in procedure are part of increased security efforts announced this week by the US Department of Transportation in light of the terrorist attacks in New York and Washington. Curbside check-in of baggage has also been forbidden, and knives of any kind will not be allowed on planes. In addition, the department said, carry-on baggage will be subject to search. (Source: CNET Networks, 13 September) The Federal Aviation Administration has temporarily banned mail and cargo from all passenger flights, forcing mail delivery onto the ground and delaying checks, bills, documents and other first-class items. About a quarter of the 650 million pieces of mail that the US Postal Service handles each day has been redirected from passenger planes to trucks, pushing back deliveries by 24 to 48 hours for the foreseeable future, Postal Service spokesman Mark Saunders said. However, most of the nation's express mail and cargo, everything from medicine to fresh fish to apparel, that has been grounded for the last two days should be back up in the air on 14 September, as the country's largest cargo carriers resume flights. Analysts and company executives fear that the FAA cargo ban and additional security measures at airports and ports of entry could send shock waves throughout the business community here and abroad. (Source: LA Times, 14 September) The Federal Aviation Administration (FAA) is moving forward with a pair of information technology security initiatives that were set in motion long before Tuesday's terrorist attacks, according to Marshall Potter, technical adviser and chief scientist for IT at the FAA's Office of Information Services. Potter said Version 2.0 of the FAA's Information System Security Architecture will cover all of the agency's IT assets, as opposed to older versions that only covered the National Airspace System (NAS). Potter also said Version 1.0 of the NAS Protection Profile template would be ready for internal review early in the first quarter of the upcoming fiscal year. Protection profiles are used to determine requirements and to validate commercial off-the-shelf products for use by the FAA and other organizations. The FAA currently has Version 0.9, and although the template is solely designed for NAS, the agency's Next Generation Communications office is already using it, Potter said, adding that Version 1.0 will be made available agency wide for review. The FAA, the National Information Assurance Partnership and other partners are developing the template. (Source: Federal Computer Week, 12 September) Banking and Finance - The US Federal Reserve Bank, seeking to stabilize the global economy following the 11 September terrorist attacks, is to make $50 billion available to stabilize European banking systems. The Fed said it was taking the action "to facilitate the functioning of financial markets and provide liquidity in dollars." The unusual move followed by the joint statement from the world's seven richest countries pledging that their central banks would coordinate activities to make sure that emergency withdrawals did not destabilize any of their banking systems. The Fed's action appeared to be an effort to demonstrate strongly to financial markets that the United States was prepared to back up the G-7 pledge of support for major banking systems around the world with hard cash if necessary. (Source: Computer World Magazine, 13 September) Telecommunications - Verizon Communications continued its struggle to reestablish phone service to about 200,000 customers in lower Manhattan in the wake of the massive terrorist strikes on the World Trade Center. Five of Verizon's 19 central offices in New York's financial district were affected by the disaster, a company spokeswoman told Newsbytes. The facility worst hit was the one at 140 West Street, adjacent to the Building 7 of the World Trade Center complex, which collapsed shortly after the center's twin towers toppled. Massive, tumbling steel beams falling from the collapsing 110-story north tower of the World Trade Center smashed through large portions of Verizon's West Street offices, the company said. In addition to the structural damage, the building's five-level basement filled with water, causing further telephone line outages, the company said. Dust, dirt and other debris that poured over everything in the area also is affecting computer systems in the parts of the building that were not crushed, the company said. (Source: Newsbytes, 14 September) Some of the nation's largest Internet service providers were served with federal subpoenas on Tuesday, as investigators combed e-mail accounts for clues as to who might have been behind the terrorist attacks on New York City and the nation's capital. Within hours of terrorist attacks that destroyed the World Trade Center towers in New York City and portions of the Pentagon in Arlington, Virginia, FBI agents descended upon the nation's largest ISP's with orders to seize information on several user accounts. "Following the tragic events on Tuesday we did cooperate with federal investigators and provided them with information that we hope is relevant and helpful to their ongoing criminal investigation," one of the ISP's spokesman said. "We're prepared to cooperate with further requests as necessary." (Source: Newsbytes, 14 September) Operators of a Web site which maintains an authoritative but unofficial list of World Trade Center attack survivors confirmed that the service is occasionally prone to error but denied rumors that NY.com had been hacked. "We haven't experienced any violations of our security. Our biggest problem in maintaining the survivor database is keeping the data clean," said Charles Thayer, president of Mediabridge Infosystems, which maintains the list at http://wtc.ny.com. The NY.com list is one of the largest of a dozen or so online survivor databases that have sprung up since the twin towers crumbled from the terrorist attack. But the site's data, which is mirrored by a handful of other sites around the world, has frequently been corrupted with obviously bogus entries such as "Bart Simpson" and "Elvis Presley," according to Thayer. While the site's operators edit out false entries as quickly as possible, NY.com, like other operators of survivor lists, cautions users that it cannot guarantee the accuracy or authenticity of the information. The phony listings have led some to speculate on Internet e-mail lists and message boards today that hackers have infiltrated the site. There have even been reports of people accessing information that turned out to be incorrect. (Source: Newsbytes, 13 September) Gas and Oil Storage Distribution - OPEC will take appropriate measures not only to stabilize oil prices but ensure that there will be adequate supply of crude oil in the light of the terror attacks in the US, the Minister for Petroleum and Mineral Resources said on 12 September. The minister disclosed that the UAE's oil reserves stand at 89 billion barrels at present while natural gas reserves are six trillion cubic meters, and that "...if the price of oil continues to remain above $30 a barrel during our meeting, OPEC will concentrate on taking appropriate measures to stabilize the market at an appropriate level." OPEC ministers are meeting on 26 September in Vienna. Stating that there were no indications of panic buying after the terror attacks in the US, the minister said there was enough supply in the market. The Qatari oil minister earlier this week said Opec may not increase production as the markets and prices were stabilizing. (Source: Independent www.gulf-news.co.ae, 13 September) Emergency Services - NTR Water Supply - NTR Government Services - NTR Electrical Power - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:24:52 PDT