-----Original Message----- From: NIPC Watch To: daily Sent: 9/28/01 9:08 AM Subject: NIPC Daily Report 28 September 01 NIPC Daily Report 28 September 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - NTR Private Sector - Cisco's Pix firewall has a vulnerability in the SMTP command filtering feature, known as Mailguard, which is designed to give additional protection to the mail server. Exploiting the hole would allow an attacker to gain information about email accounts and names. The attacker may also be able to execute arbitrary code on the mail server, if it is not properly secured. Although there is not a direct work around for this vulnerability, the company said that the potential for exploitation "can be lessened by ensuring that mail servers are secured without relying on the PIX functionality." "If that server is already well configured, and has the latest security patches and fixes from the SMTP vendor, that will minimize the potential for exploitation of this vulnerability," the advisory reads. All users of PIX firewalls with software versions 6.0(1), 5.2(5) and 5.2(4) with access to SMTP Mail services are at risk. Cisco also warned that Internet firewalls do not protect against risk factors internal to a firewalled network such as social engineering, rogue internal users or additional external access points to the internal network, such as modem pools or network fax machines. (Source: Vnunet.com, 27 September) Government - The National Infrastructure Protection Center (NIPC) is leading the FBI's cyber aspects of the investigation into the 11 September terrorist attacks, according to NIPC director Ronald Dick. With the Justice Department heading the joint law enforcement, intelligence and military investigation into the attacks, an effort called PENTTBOM, the NIPC is lending all of its technical and coordination expertise, Dick testified before various Congressional Committees. NIPC's Special Technologies and Applications Unit, which usually provides the technical expertise to track computer intrusions, is serving as the technical assistance for the PENTTBOM team through a newly established Cyber Crisis Action Team. Earlier this year, the NIPC created its Interagency Coordination Cell, which helps resolve conflicts between the many federal agencies involved in cyber investigations. The group meets monthly or as needed. (Source: Federal Computer Weekly, 27 September) Lawmakers may be asked to give the FBI a "software key" to encryption technology that would allow the agency to unlock secret Internet messages but experts warn the measure would impair commerce and violate privacy right without deterring terrorism. Sen. Judd Gregg (NH-R), is seeking to include in an anti-terrorism bill backed by the Bush administration a requirement that a "back door" be installed in encryption products, a step that would essentially give law enforcement agencies a key to decode scrambled messages. Strong cryptography programs are not perfectly impenetrable but the scrambled messages they produce require a lot of computing power to decode. Encryption that includes the proposed "back door" for government use would be compromised and less useful for legitimate traffic, opponents said. Privacy and computer security experts argue that solution would actually hinder law enforcement efforts and undermine legitimate electronic business. (Source: Reuters, 26 September) International - The European Committee on Crime Problems has approved the Convention on Cybercrime, an international treaty requiring signatory countries to adopt cybercrime laws and cooperate with other countries in investigations. The treaty is expected to be adopted by the Council of Europe's Committee of Ministers this month. The US has observer status with the option to choose to ratify the treaty. The treaty has been lauded by those interested in protecting intellectual property rights, but opposition has come from business groups and privacy advocates who complain that law enforcement was too heavily represented at the expense of business and consumer interests. Some feel that treaty has not reached a balance between law enforcement requirements and privacy concerns and regard the convention as a "wish list for prosecutors" and say that the treaty does nothing to restrict the authority of law enforcement to enter upon (either actually or virtually) the territory and sovereignty of another country. (Source: Security Management, 27 September) The Dutch creator of the "Anna Kournikova" virus, which infected computers worldwide, was sentenced on 27 September to 150 hours' community service. The virus e-mailed itself to millions of computers in February, slowing systems and shutting down some servers. Its creator, a 20-year-old computer shop employee from the northern Dutch town of Sneek, collected viruses and had by his own admission gathered some 7,200, the court in the city of Leeuwarden said in its verdict. "The virus he spread caused nuisance, concern and irritation to Internet users worldwide," the court said in its judgment, though it added that the damage had been limited. (Source: Wired News, 28 September) Military - NTR U.S. SECTOR INFORMATION: Transportation - The United States is preparing to test a revolutionary system for detecting chemical attacks in subway stations, a government official says. The tests have been given greater urgency by widespread fears of possible chemical attacks after the bombings on 11 September. The US government has been working on an early-warning sensor system, thought to be the first of its kind in the world, for the past 3 years. The system would detect and identify toxic chemicals, map contaminated zones and predict directions in which the hazardous gases might spread so emergency crews could redirect trains and passengers. One of Washington's 83 subway stations will host the test before the end of this year and by 2003. The Washington Metropolitan Area Transit Authority (WMTA), whose trains carry 600,000 people around the capital each day, is working with the Department of Transportation, the National Institute of Justice and the Department of Energy (DOE) on the project. (Source: Reuters, 27 September) Banking and Finance - NTR Water Supply - NTR Electrical Power - NTR Telecommunications - NTR Emergency Services - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:26:45 PDT