FW: NIPC Daily Report for 14 September

From: George Heuston (georgeh@private)
Date: Fri Sep 14 2001 - 10:05:18 PDT

  • Next message: George Heuston: "FW: NIPC Daily Report 17 September"

    -----Original Message-----
    From: NIPC Watch [mailto:nipc.watch@private] 
    Sent: Friday, September 14, 2001 9:44 AM
    To: daily@private
    Subject: NIPC Daily Report for 14 September
    
    
    The NIPC Daily Report for 14 September
    
    NOTE:  Please understand that this is for informational purposes only
    and does not constitute any verification of the information contained in
    the report nor does this constitute endorsement by the NIPC or the FBI.
    
    Significant Changes and Assessment  - No significant changes.
    
    Private Sector - Consumer protection advocates are warning Internet
    users that scam artists are trying to take advantage of 11 September's
    terrorist attacks.  Spam solicitations have urged citizens to donate
    money to the Red Cross or other relief organizations.  However, the
    e-mails direct potential donors to private Web sites apparently designed
    to steal credit card numbers.   One such e-mail discovered by the
    non-profit consumer group, "SpamCom Foundation," arrives from
    "expressrelieffund2001@private" with the subject line "Help for the
    Red Cross and the victims of our Nations tragedy."  Instead of linking
    to a Red Cross site, the e-mail sends visitors to a privately-held Web
    site.  Another scam urges consumers to buy phone cards with images of
    the New York City, promising to donate "donate 10% of the proceeds of
    the sale of this commemorative card" to victims.  (Source: MSNBC, 13
    September)
    
    International - The Deputy Municipal Prosecutor in Tuzla, has forwarded
    to the Tuzla Municipal Court a proposal to indict an individual for
    destroying the database of a US company that assists SFOR [Stabilization
    Force] by sending an e-mail with a virus.  According to the proposed
    indictment, drafted on the basis of available information, interrogation
    of witnesses, and information technology experts' findings, the
    individual is suspected of having committed the criminal offense of
    "violating the privacy of letters or other mail."  This case will thus
    become the first of trying hacking attacks on computer systems in the
    territory of Bosnia-Herzegovina.  A team of court experts of information
    technology has been set up to gather relevant evidence on the complaint
    of the US company's representatives and they have established the
    relevant facts and written a report.  (Source: Jutarnje Novine in
    Serbo-Croatian, 13 September)
    
    Stating that people should be able to use PCs and the Internet without
    interference, a Dutch public prosecutor has asked the court here to
    sentence the 20-year-old maker of the Anna Kournikova e-mail worm to 240
    hours of civil service.  The defendant in the case, Jan de Wit, turned
    himself in to the police in his hometown of Sneek, Netherlands, on
    February 14. A few days earlier, he had posted the e-mail worm to an
    Internet newsgroup and it then spread worldwide.  De Wit is charged with
    the spreading of data via a computer network with the intent to cause
    damage. The crime is punishable by four years in prison and a maximum
    fine of approximately $243,000.  The verdict is expected on September
    27.  (Source: IDG News Service, 14 September)
    
    On 13 September, the Chaos Computer Club, a German hackers organization,
    rejected calls from other hackers for an all-out assault on Islamist
    websites in response to the carnage in the US.  Andy Mueller-Maguhn,
    spokesman for the club, said in an e-mail that the Internet could play a
    positive role following Tuesday's attacks, which left thousands dead.
    "Means of electronic communication such as the Internet can make an
    important contribution to further understanding between different
    peoples," he said.  (Source: Agence France-Presse, 14 September)
    
    In China's first seizure of an Internet hacker, police have arrested a
    computer student suspected of littering government-run Web sites with
    pornography, the official Xinhua news agency reported.  Police in the
    central province of Hubei detained 19-year-old Wang Qun last month on
    suspicion of posting erotica on the homepage of a well-known science Web
    site, the news agency said.  Wang had bragged in Internet chatrooms
    about hacking into more than 30 domestic and overseas Web sites.  Police
    investigations showed he had replaced the homepages of several
    government-run Web sites with pornographic images, it said.  Fingers
    were pointed at Chinese hackers in July after an Internet worm dubbed
    "Code Red" disrupted US government Web sites with defacings that said
    "Hacked by Chinese," a popular term for breaking illegally into a
    computer system.  (Source: ZDNet, 14 September)
    
    Hacker Fluffi Bunni redirected the traffic of thousands of UK Web sites,
    treating surfers to a rant against both religion and US economic
    imperialism and asks "for Mr Bin Laden and $5m in a brown paper bag."
    He performed this redirection by hacking into a domain name system
    server belonging to a UK registrar.  (Source: VNUNet, 14 September)
    
    Military - Defense Department command and control networks continued to
    function
    normally despite 11 September's terrorist attack against the Pentagon,
    according to officials at WorldCom, which operates the global Defense
    Information Systems Network (DISN), handling all military communications
    traffic.  State Department networks also continued to function normally,
    the WorldCom officials said. (Source: Infosecnews, 13 September)
    
    Government - NTR
    
    U.S. SECTOR INFORMATION:
    
    Transportation -  Federal authorities have implemented new regulations
    for electronic airline tickets as part of tighter security at US
    airports, effectively taking away much of the convenience of online
    travel.  Commercial airlines will no longer allow passengers holding
    e-tickets to receive a boarding pass by only showing photo
    identification. Passengers will have to present a printed receipt of
    their e-ticket purchase, according to representatives from online travel
    company Travelocity and Southwest Airlines.  Also under the new
    restrictions, e-ticketed passengers will not be able to check in at the
    gate for their flights. Anyone without a ticket will not be allowed past
    airport security checkpoints, according to the new regulations.  The
    changes in procedure are part of increased security efforts announced
    this week by the US Department of Transportation in light of the
    terrorist attacks in New York and Washington. Curbside check-in of
    baggage has also been forbidden, and knives of any kind will not be
    allowed on planes. In addition, the department said, carry-on baggage
    will be subject to search.  (Source: CNET Networks, 13 September)
    
    The Federal Aviation Administration has temporarily banned mail and
    cargo from all passenger flights, forcing mail delivery onto the ground
    and delaying checks, bills, documents and other first-class items.
    About a quarter of the 650 million pieces of mail that the US Postal
    Service handles each day has been redirected from passenger planes to
    trucks, pushing back deliveries by 24 to 48 hours for the foreseeable
    future, Postal Service spokesman Mark Saunders said. However, most of
    the nation's express mail and cargo, everything from medicine to fresh
    fish to apparel, that has been grounded for the last two days should be
    back up in the air on 14 September, as the country's largest cargo
    carriers resume flights.  Analysts and company executives fear that the
    FAA cargo ban and additional security measures at airports and ports of
    entry could send shock waves throughout the business community here and
    abroad.  (Source: LA Times, 14 September)
    
    The Federal Aviation Administration (FAA) is moving forward with a pair
    of information technology security initiatives that were set in motion
    long before Tuesday's terrorist attacks, according to Marshall Potter,
    technical adviser and chief scientist for IT at the FAA's Office of
    Information Services.  Potter said Version 2.0 of the FAA's Information
    System Security Architecture will cover all of the agency's IT assets,
    as opposed to older versions that only covered the National Airspace
    System (NAS).  Potter also said Version 1.0 of the NAS Protection
    Profile template would be ready for internal review early in the first
    quarter of the upcoming fiscal year.  Protection profiles are used to
    determine requirements and to validate commercial off-the-shelf products
    for use by the FAA and other organizations.  The FAA currently has
    Version 0.9, and although the template is solely designed for NAS, the
    agency's Next Generation Communications office is already using it,
    Potter said, adding that Version 1.0 will be made available agency wide
    for review.  The FAA, the National Information Assurance Partnership and
    other partners are developing the template.  (Source: Federal Computer
    Week, 12 September)
    
    Banking and Finance - The US Federal Reserve Bank, seeking to stabilize
    the global economy following the 11 September terrorist attacks, is to
    make $50 billion available to stabilize European banking systems. The
    Fed said it was taking the action "to facilitate the functioning of
    financial markets and provide liquidity in dollars." The unusual move
    followed by the joint statement from the world's seven richest countries
    pledging that their central banks would coordinate activities to make
    sure that emergency withdrawals did not destabilize any of their banking
    systems.  The Fed's action appeared to be an effort to demonstrate
    strongly to financial markets that the United States was prepared to
    back up the G-7 pledge of support for major banking systems around the
    world with hard cash if necessary. (Source: Computer World Magazine, 13
    September)
    
    Telecommunications -  Verizon Communications continued its struggle to
    reestablish phone service to about 200,000 customers in lower Manhattan
    in the wake of the massive terrorist strikes on the World Trade Center.
    Five of Verizon's 19 central offices in New York's financial district
    were affected by the disaster, a company spokeswoman told Newsbytes. The
    facility worst hit was the one at 140 West Street, adjacent to the
    Building 7 of the World Trade Center complex, which collapsed shortly
    after the center's twin towers toppled.  Massive, tumbling steel beams
    falling from the collapsing 110-story north tower of the World Trade
    Center smashed through large portions of Verizon's West Street offices,
    the company said. In addition to the structural damage, the building's
    five-level basement filled with water, causing further telephone line
    outages, the company said. Dust, dirt and other debris that poured over
    everything in the area also is affecting computer systems in the parts
    of the building that were not crushed, the company said.  (Source:
    Newsbytes, 14 September)
    
    Some of the nation's largest Internet service providers were served with
    federal subpoenas on Tuesday, as investigators combed e-mail accounts
    for clues as to who might have been behind the terrorist attacks on New
    York City and the nation's capital.  Within hours of terrorist attacks
    that destroyed the World Trade Center towers in New York City and
    portions of the Pentagon in Arlington, Virginia,  FBI agents descended
    upon the nation's largest ISP's with orders to seize information on
    several user accounts.  "Following the tragic events on Tuesday we did
    cooperate with federal investigators and provided them with information
    that we hope is relevant and helpful to their ongoing criminal
    investigation," one of the ISP's spokesman said.  "We're prepared to
    cooperate with further requests as necessary." (Source: Newsbytes, 14
    September)
    
    Operators of a Web site which maintains an authoritative but unofficial
    list of World Trade Center attack survivors confirmed that the service
    is occasionally prone to error but denied rumors that NY.com had been
    hacked.  "We haven't experienced any violations of our security. Our
    biggest problem in maintaining the survivor database is keeping the data
    clean," said Charles Thayer, president of Mediabridge Infosystems, which
    maintains the list at http://wtc.ny.com.  The NY.com list is one of the
    largest of a dozen or so online survivor databases that have sprung up
    since the twin towers crumbled from the terrorist attack.  But the
    site's data, which is mirrored by a handful of other sites around the
    world, has frequently been corrupted with obviously bogus entries such
    as "Bart Simpson" and "Elvis Presley," according to Thayer.  While the
    site's operators edit out false entries as quickly as possible, NY.com,
    like other operators of survivor lists, cautions users that it cannot
    guarantee the accuracy or authenticity of the information.  The phony
    listings have led some to speculate on Internet e-mail lists and message
    boards today that hackers have infiltrated the site.  There have even
    been reports of people accessing information that turned out to be
    incorrect.  (Source: Newsbytes, 13 September)
    
    Gas and Oil Storage Distribution - OPEC will take appropriate measures
    not only to stabilize oil prices but ensure that there will be adequate
    supply of crude oil in the light of the terror attacks in the US, the
    Minister for Petroleum and Mineral Resources said on 12 September.  The
    minister disclosed that the UAE's oil reserves stand at 89 billion
    barrels at present while natural gas reserves are six trillion cubic
    meters, and that "...if the price of oil continues to remain above $30 a
    barrel during our meeting, OPEC will concentrate on taking appropriate
    measures to stabilize the market at an appropriate level."  OPEC
    ministers are meeting on 26 September in Vienna.  Stating that there
    were no indications of panic buying after the terror attacks in the US,
    the minister said there was enough supply in the market. The Qatari oil
    minister earlier this week said Opec may not increase production as the
    markets and prices were stabilizing.  (Source: Independent
    www.gulf-news.co.ae, 13 September)
    
    Emergency Services - NTR
    Water Supply - NTR
    Government Services - NTR
    Electrical Power - NTR
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:24:52 PDT