-----Original Message----- From: NIPC Watch Sent: 9/24/01 8:34 AM Subject: NIPC Daily Report, 24 September 2001 NIPC Daily Report 24 September 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - No significant changes. Private Sector - According to network security experts, the deployment of the Advanced Encryption Standard (AES) data encryption technique will likely be accelerated due the destructive nature of the Code Red and Nimda worms coupled with the heightened awareness for added security in cyberspace as well as the physical realm. AES was selected by the National Institute of Standards and Technology (NIST), an agency of the Commerce Department's Technology Administration, in October 2000 as a new encryption technique to be used to protect computerized information. Nearly a year later, there is evidence that AES is being deployed in the private sector even faster than the federal government can mandate it. The proposal has already cleared the NIST but needs to clear the Office of Management and Budget (where it currently sits) before returning to the Commerce Department for final approval. (Source: InternetNews, 21 September) Tom Liston, a "white hat" hacker has designed a tool named LaBrea that will arm network administrators to combat worms like Code Red and Nimda. LaBrea is an open source Linux based application designed to trap worms such as Code Red and Nimda while they're scanning for vulnerable hosts, effectively holding them in a "tar pit" indefinitely. Liston described LaBrea as "a program that creates a tarpit or, as some have called it, a sticky honeypot'" by taking over unused IP addresses on a network and creates "virtual machines" that answer to connection attempts sent out by infected machines. LaBrea answers those connection attempts in a way that causes the machine at the other end to get "stuck" in the tar pit, for an indefinite period of time. Originally, LaBrea was created as a counter-measure to Code Red, but this week has successfully been tested on Nimda. There is no reason it could not be used to trap other worms. (Source: SecurityWatch, 21 September) Government - Officials from the Bush administration, the DoD, and the Justice Department met with Internet service providers, security experts and anti-virus companies on 22 September to dissect the malicious new Nimda worm. Nearly three dozen officials representing federal law enforcement and various ISPs and security firms met in private at the SANS Institute's Wargames conference in Washington, D.C., to share information on Nimda. Participants at the closed-door meeting said virus experts were busy combing through the virus code, an "incredibly complex" construction that dwarfs previous viruses in terms of the number of lines of programming it needs to operate. (Source: Newsbytes, 22 September) Military - DoD is continuing to assess and rebuild its information technology infrastructure following the 11 September attack on the Pentagon. DoD officials ordered more than 1,000 proprietary Secured Desktop Gateway communications enclosures for immediate delivery from Holocom Networks. Pentagon officials contacted the company for the hardware to help assure the security of data at temporary desktops in unclassified locations, company officials said. Meanwhile, the airplane crash and subsequent fire wiped out about 70 percent of the Navy's office space at the Pentagon, including its network control center and some 30 servers that stored the service's budget data, Navy officials said. (Source: Federal Computer Week, 24 September) International - Preparation has been finalized to provide Internet services to five towns in Tigray State, the Ethiopian Telecommunication North Regional Office said. The regional manager, Mesfin Haile, said yesterday that work on the installation of equipment has been completed last June to expand the service to Adigrat, Axum, Endasellasie and Maichew in the state. He said the towns would share the line from the main hub in Mekele, the state capital where it has the capacity to cater for 768 users. He also said two persons were being trained on information technology to launch the service in those towns. (Source: Agence France-Presse, 23 September) U.S. SECTOR INFORMATION: Water Supply - Many of the largest Connecticut water companies are following the advice of trade groups and the FBI by increasing security following last week's terrorist attacks. The FBI made the request to try to guard against further terrorist attacks. Many of the largest water companies in the state said they have increased patrols and stepped up the monitoring of reservoirs and water treatment plants. The heightened security started soon after the attacks 11 September on the World Trade Center and the Pentagon. The water companies said they are not responding to any specific threats. The American Water Works Association and the Association of Metropolitan Water Agencies also has recommended increased patrols. (Source: Associated Press, 21 September) Electrical Power - The Nuclear Regulatory Commission (NRC) will review security at the nation's nuclear plants and study whether they should be designed to withstand the sort of terrorist attack that destroyed the World Trade Center, Chairman Richard A. Meserve announced on 21 September. Officials say power plants and other nuclear facilities were not designed to withstand an attack such as the one that killed thousands on 11 September, and they cannot fully answer whether such an attack would lead to an escape of radiation. "The NRC did not specifically contemplate attacks by aircraft such as Boeing 757s or 767s, and nuclear power plants were not designed to withstand such crashes," the NRC said in a statement released on 21 September. "Detailed engineering analyses of a large airliner crash have not yet been performed." Illinois is home to more commercial nuclear reactors and the highly radioactive waste they've generated than any other state. U.S. and Canadian nuclear power plants and spent-fuel storage sites dot the drainage basin of the Great Lakes, the source of drinking water for millions of people and a natural resource of incalculable importance. The terrorist attacks have prompted an increase in security in plants in Illinois and around the country, as well as a broad review of security procedures and the fortifications at plants. (Source: Chicago Tribune, 23 September) Transportation - Government and aviation officials are poised to begin using facial recognition systems to scan airport terminals for suspected terrorists, possibly including Reagan National Airport when it reopens, according to people involved in deliberations about how to improve security. A government committee, which was appointed by Transportation Secretary Norman Y. Mineta to revamp airport security, received a briefing 20 September, from the inventor of a leading facial recognition system, who said equipment could be installed and operating within a few weeks. The committee, in a draft of a report to be presented to Mineta by 1 October, has included a recommendation to deploy such systems a committee official said. Committee members also began considering Reagan National Airport as "an excellent prototype site," said an official. "It's a technology that holds a tremendous amount of promise." (Source: Washington Post, 24 September) Telecommunications - NTR Emergency Services - NTR Banking and Finance - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:25:52 PDT