-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Friday, October 05, 2001 6:24 AM To: daily Subject: NIPC Daily Report, 5 October 2001 NIPC Daily Report 5 October 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - No Significant Changes. Private Sector - The Microsoft Corporation has released Microsoft Security Bulletin MS01-050, pertaining to Excel and PowerPoint, which have a macro security framework that controls the execution of macros and prevents macros from running automatically. Under this framework, any time a user opens a document the document is scanned for the presence of macros. If a document contains macros, the user is notified and asked if he wants to run the macros or the macros are disabled entirely, depending on the security setting. A flaw exists in the way macros are detected that can allow a malicious user to bypass macro checking. A malicious attacker could attempt to exploit this vulnerability by crafting a specially-formed Excel or PowerPoint document with macro code that would run automatically when the user opened it. The attacker could carry out this attack by hosting the malicious file on a web site, a file share, or by sending it through email. A patch for this vulnerability is available at the following url: http://www.microsoft.com/technet/security/bulletin/ms01-050.asp Cisco has identified that the Cisco Secure PIX Firewall AAA authentication feature, introduced in version 4.0, is vulnerable to a Denial of Service (DoS) attack initiated by authenticating users on the system. This vulnerability affects specific configurations and has been resolved in released versions of the PIX Firewall. This vulnerability has been assigned Cisco bug ID CSCdt92339, which can be found at the following url: http://www.cisco.com/warp/public/707/pixfirewall-authen-flood-pub.shtml. (Source: Cisco, 3 October) International - As of 2 October, at Hanyang University in South Korea, about 700 of its computers have been infected by the Nimda virus The university said it is facing a lot of difficulty restoring all affected systems. When the virus hit Konkuk University on 20 September, its entire computer network service was broken down. On the same day, the transmitter-receiver system of the e-mail network used by faculty members at Sejong University broke down because of the virus attack. Following the attacks, universities have issued a Nimda virus warning as well as preventative measures. They have also adopted a 24-hour monitoring system to prevent the virus from spreading. (Source: The Korea Herald, 4 October) The United States will push its global anti-terrorism agenda at upcoming meetings of the Asia-Pacific Economic Cooperation (APEC) forum in hopes the new focus will revitalize the 21-member regional grouping. Washington hopes to use the 17-18 October APEC ministers meeting and the 20 -21 October leaders summit to press for strengthened customs controls, improved aircraft, airport and port security, curbs on financing for terrorists, and protection for critical economic sectors like telecommunications and oil. Powell, Evans and Zoellick will lead the US charge in Shanghai, urging APEC members to comply with UN anti-terrorism resolutions and sign and ratify an international convention to limit financing for extremists, the official said. (Source: Agence France Presse, 5 October) Government - Senate Governmental Affairs Committee Ranking Member Fred Thompson (R-TN) outlined his expectations for the committee's upcoming hearing on protection of the nation's critical infrastructure scheduled for 4 October. "At the 4 October hearing, we will explore plans being instituted to protect our critical infrastructure. The General Accounting Office has told this Committee that it is essential to link the government's strategy for combating computer-based attacks to the national strategy for combating terrorism," Thompson said. (Source: www.senate.gov, 4 October) Military- NTR U.S. SECTOR INFORMATION: Telecommunications - Qwest Communications International Inc., Chairman and CEO Joseph P. Nacchio told a Senate committee on 4 October that the nation's telecommunications networks are strong, but the Administration and Congress should take additional steps to protect the security of all our country's critical public and private network facilities. Nacchio testified before the Senate Governmental Affairs Committee, which conducted a hearing on the protection of critical infrastructure, such as the telecommunications network, from cyber and physical attacks. Nacchio also endorsed two other measures to help improve infrastructure security. He said Congress should remove barriers to the sharing of information about network architecture and infrastructure threats, and Congress "should complement these efforts by enacting legislation increasing the penalties for cyber attacks and acts of vandalism that impair the tel communications infrastructure, and by giving law enforcement greater latitude to investigate and prosecute these attacks." (Source: PRNews Wire, 4 October) Water Supply - The Environmental Protection Agency (EPA) has fallen years behind its timetable for safeguarding the nation's water supply against a possible terrorist attack, according to the agency's internal documents. Under orders from President Bill Clinton, the agency detailed its plans for protecting the nation's drinking water in 1998, offering a road map for the administration's campaign to foil terrorist plots by fortifying the US infrastructure. Yet many of the steps that the agency said would be completed as long as two years ago, like identifying vulnerabilities, have just begun or are still on the drawing board. That is prompting some lawmakers to call for stricter oversight of the EPA's antiterrorism efforts. "Our nation no longer has the luxury of time to build adequate defenses against threats to our drinking water," Senator Christopher S. Bond of Missouri, the senior Republican on the Appropriations Committee, wrote in a letter this week to Christie Whitman, the agency administrator. "We must build them now." (Source: New York Times, 4 October) Transportation - A satellite communications firm has submitted a preliminary proposal to the Federal Aviation Administration (FAA) suggesting that their satellite network could be used to monitor cockpit voice and flight data in real-time, allowing better defense against future terrorist hijacking of airliners. Currently, investigators cannot find out what is on voice and data recorders until they recover the nigh-indestructible "black box" from a wreckage site. Rather than limiting such data to post-crash investigative uses, the network could be used at a time of crisis to help aviation, law enforcement and military officials react before a tragedy unfolds. The flight information would be sent directly to FAA data centers. The proposal was submitted 26 September, to meet an FAA deadline for submissions regarding upgrades to airport or plane security. The agency has formed panels to study security recommendations, and it is expected to make initial announcements in response to proposals later this month. (Source: News Factor.com, 4 October) Gas and Oil Storage Distribution - NTR Electrical Power - NTR Government Services - NTR Banking and Finance - NTR Emergency Services - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:26:58 PDT