-----Original Message----- From: NIPC Watch Sent: 9/27/01 7:38 AM Subject: NIPC Daily Report, 27 September 2001 NIPC Daily Report 27 September 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - The SANS Internet Storm Center advises that the nimda worm is on a 10-day cycle, and they expect the next wave to attack infected machines tomorrow, 28 September. The worm is typically active for 24 hours before it goes dormant for 10 more days. Private Sector - Microsoft corporation has released Microsoft Security Bulletin MS01-049, "Deeply-nested OWA Request Can Consume Server CPU Availability." A security vulnerability exists in Exchange 2000 Outlook Web Access, because it will accept and process a request for an item in an authenticated user's mailbox without verifying first that the folder structure is valid. An attacker could mount a denial of service attack by repeatedly levying a request for a non-existent but deeply nested folder in his own mailbox. A patch is available to fix this vulnerability. Additional information on this bulletin and a patch to fix this vulnerability is available at http://www.microsoft.com/technet/security/bulletin/MS01-049.asp. (Source: Microsoft, 26 September) International - On 27 September, Industry officials reported that India's IT software industry is likely to be hit further following the terrorist attacks in the United States. Software exports to the United States were likely to come down in the short-term as many companies would put IT spending on hold with massive job cuts pulling down consumer confidence. "Business confidence was low because of the slowdown, but it was consumer spending which had kept the economy at a reasonable level," said Ravi Sangal, president of IDC India, a market research firm on the IT sector. According to the National Association of Software and Services Companies (NASSCOM), 60 percent of India's total software exports, worth 280 billion rupees (six billion dollars), in the last fiscal year were to the United States or Canada. (Source: Agence France Presse, 27 September) On 27 September, Japan's Sony Bank, the online banking service of consumer electronics giant Sony Corp., said that transactions had been halted since early morning because of system glitches. Since 6:30 a.m. (5:30 p.m. EDT), clients have been unable to access their accounts or use their bank cards to deposit or withdraw money from automatic teller machines, the bank said. A spokeswoman said the problem had not been fixed as of 2:00 p.m. (1:00 a.m. EDT). This is the second time the bank, Japan's first full-service online bank set up by a non-financial firm, has suffered technical problems. All 7,600 ATMs available via Sony Bank's partner, Sumitomo Mitsui Banking Corp (SMBC), were affected on 27 September. (Source: Reuters, 27 September) Government - NTR Military - NTR U.S. SECTOR INFORMATION: Water Supply - On 22 September, the National Guard deployed troops to Hoover Dam, an assignment that officials say will continue indefinitely. The Associated Press said National Guard personnel will be at security checkpoints, relieving Federal Bureau of Reclamation police that have been at the dam since the terrorist attacks in New York City and Washington, D.C. last week. A spokeswoman said that the National Guard will be checking vehicles on US Highway 93 in Arizona and Nevada, as a precaution, but the FBI had not reported any credible threats against the Hoover Dam. (Source: Water Technology Online, 26 September) Southern California's main water provider said that it has relaxed a full security alert in place after last week's terrorist attacks in New York City and Washington DC, but its facilities remain closed to the public on 22 September. The Metropolitan Water District (MWD) said security forces were doubled around its reservoirs, pumping stations, treatment plants and offices as officials remained vigilant about possible terrorist attacks against the water supply. MWD's actions are crucial to protecting Southern California's water because the agency provides nearly all of the water used by residents and businesses in the region. The group buys water from the Colorado River and the State Water Project in Northern California, and then sells it to 25 Southern California cities and water agencies. (Source: Water Technology Online, 26 September) Electrical Power - NTR Transportation - NTR Telecommunications - NTR Emergency Services - NTR Banking and Finance - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:26:36 PDT