-----Original Message----- From: NIPC Watch To: daily Sent: 10/1/01 7:48 AM Subject: NIPC Daily Report for 01 October 2001 NIPC Daily Report for 01 October 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - SecurityFocus reports that a message claiming to come from SecurityFocus' ARIS system and TrendMicro is being used to deliver what appears to be the "BioNet" trojan to unsuspecting users. The messages come with an executable attachment named FIX_NIMDA.exe, which has a name similar to the one used by TrendMicro for their free Nimda removal tool (FIX_NIMDA.com). Recipients are advised not to open e-mails with attachments FIX_NIMDA.exe. (Source: Securityfocus.com, 30 September) Private Sector - Central Command, a provider of PC anti-virus software and computer security services and its partners today released its monthly listing of the top twelve viruses reported for September 2001. The report is based on the number of virus occurrences confirmed through Central Command's Emergency Virus Response Team. The following viruses represent the most prevalent for September 2001, number one being the most frequent; 1) Win32.Nimda.A@mm 28.8%, 2) I-Worm.Sircam.A 24.6%, 3) Win32.Magistr.A@mm 6.1%, 4) Win32.Apost.A@mm 5) 6%, 5) VBS.HappyTime.A@mm 4.3%, 6) Win95.CIH 4.0%, 7) I-Worm.Hybris.B 3.9%, 8) Win32.FunLove.4099 2.7%, 9) I-Worm.Qaz 2.6%, 10) Win32.Weird.10240.A 2.1%, 11) Trojan.VirtualRoot .8%, 12) Win95.Spaces 1.3%, and Others 12.2%. (Source: Central Command, 1 October) Government - Sen. Ron Wyden, D-Oregon, proposed the formation of a "National Emergency Technology Guard" on 26 September that would function as a National Guard-style information-technology defense force, comprising the nation's technology workers, in the event of a national crisis. While he has not proposed legislation, Wyden intends to meet next week with representatives from several technology companies, and also has planned hearings in the Senate Commerce Subcommittee on Science, Technology and Space, which he chairs. The list of representatives has not yet been issued. Wyden in a floor speech on 26 September said that US IT companies could organize a "national volunteer response team" to protect the US communications infrastructure "in times of critical need." (Source: Newsbytes, 28 September) Richard Clarke will oversee "cybersecurity" while Retired Army Gen. Wayne Downing will coordinate anti-terror efforts with military and intelligence counterparts. Clarke, who currently heads the government's counterterrorism team, will direct efforts to protect the nation's information infrastructure from attack, according to three administration officials, and Downing will coordinate intelligence and military resources in the anti-terror campaign. Clarke and Downing will serve Bush at the National Security Council, working alongside Governor Tom Ridge, who was tapped by Bush to head a newly created, Cabinet-level Office of Homeland Security. While the officials said their precise roles have yet to be determined, two other White House aides said Clarke and Downing will work beneath Ridge in the anti-terror hierarchy. Clarke has served as counterterrorism chief at the White House for more than a decade as the first national coordinator for security, infrastructure protection and counterterrorism. He will head the new Office of Cyberspace Security. Downing, former chief of the US Special Operations Command, will head a new White House Office for Combating Terrorism. (Source: Associated Press, 30 September) International - Malicious code is spreading through Saudi's networks at Internet speed. Three new destructive worms, TROJ_VOTE.A, TROJ_VOTE.B. and the variant TROJ_VOTE.C, have been detected in three days. Mirza Asrar Baig, chief executive officer of the local network security firm IT Matrix, has advised network administrators and PC users to update anti-virus programs, check for updates everyday for the foreseeable future and set anti-virus programs to scan HTTP traffic as well as e-mails. New variants of these Trojans are arising daily and it takes anti-virus companies time to create detection patterns. (Source: Jedda Arab News, 29 September) Military - NTR U.S. SECTOR INFORMATION: Water Supply - US water companies are heightening security, from increasing patrols at reservoirs to shutting down roads, after warnings from law enforcement officials that the nation's water supply could face sabotage. At some of the largest US water utilities, water supplies are now subjected to more frequent and strenuous tests, while trucks entering its treatment plants in some cities must pass close inspections. New barbed wire fences have been installed around reservoirs; padlocks guarding storage tanks have been changed; security patrols, even armed ones, have been working overtime; and in some spots, fishing has been banned. While companies have put security "on a heightened alert as a general precaution", there haven't been any specific threats against water supplies, according to the American Water Works Association, a trade group with 57,000 members. However, executives at water companies said they have been in touch with federal and local law enforcement authorities and emergency response programs and security measures, many of which have been in place for years, are now getting close review. (Source: Reuters, 28 September) Banking and Finance - NTR Electrical Power - NTR Telecommunications - NTR Emergency Services - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR Transportation - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:26:49 PDT