-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Tuesday, October 09, 2001 9:33 AM To: daily Subject: NIPC Daily Report, 9 October 2001 NIPC Daily Report 9 October 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - The National Infrastructure Protection Center (NIPC) continues to observe hacking activity targeting the E-Commerce or E-Finance/Banking industry. Over the past several months, hackers have increased their targeting of several third-party service providers, because of the access they have into a partner company and the proprietary information contained therein. This information is detailed in NIPC Advisories 01-003 and 01-0023, titled "E-Commerce Vulnerabilities," dated 8 March and 4 October 2001 respectively. Private Sector - A research organization called Men & Mice reported that Domain Name Servers present a vulnerability to 80% of .com Web sites because they offer little to no protection from hackers or natural outages. Research has found that a quarter of Fortune 1000 companies were running servers with vulnerable DNS setups, and around 250 multinational cooperates are at risk of losing their Web sites. If the single network segment housing their DNS servers fails, the site goes down. Despite high profile attacks followed by higher profile warnings and advisories about configuration and flaws in the Bind software, a majority of Web sites still suffer from DNS bugbears. The results of the latest Domain Health Survey from August, shows that 78.96% of 5000 randomly selected Internet zones have incorrect setups. (Source: Vnunet, 8 October) Government - Three months ago, a new alliance of state computer security organizations described the top threat to the nation's information infrastructure as attacks from "insiders." Indeed, studies cited by the newly formed West Virginia Information Assurance and Computer Security Alliance indicate that three-quarters of business and government computer downtime stems from sabotage by frustrated employees or ex-employees. But after the 11 September terrorist attacks, the world has become wide awake to a different sort of threat. A spokesman explaining the rationale for the alliance's first meeting on 9 October talks mainly about "outsiders." The two main speakers for 9 October are William Gerber of the FBI's National Infrastructure Protection Center in Washington, D.C., and Dick Johnston, director of the National White Collar Crime Center. (Source: NewsEdge, 8 October) Military- NTR International - On 5 October, a Japanese government-affiliated agency said it had received 218 reported cases of computer damage caused by the W32/Nimda virus. The Information Technology Promotion Agency said the damage cases were among 323 reports detecting the virus filed in September. The first report was filed on 19 September. In nearly half of the 218 cases of computer damage, the virus was apparently transmitted simply by viewing Web sites using Internet Explorer software, a characteristic which made the virus more virulent than others, said the agency affiliated with the Ministry of Economy, Trade and Industry. The agency also received 704 reports of detection of the SIRCAM virus, which is chiefly transmitted by e-mail. Including these, virus reports in September totaled 2,238, exceeding 2,000 for a second month in a row, according to the agency. (Source: JPP, 5 October) A UK computer consultant found guilty of hacking into an United Arab Emirates (UAE) ISP has had his appeal overturned. Lee Ashurst was initially found guilty of breaking into and misusing the services of Etisalat, the UAE's only Internet service provider. Ashurst appealed against the verdict but was found guilty by the Dubai Appeals Court of opening the private e-mails of Etisalat employees. The court also upheld the initial charge. The court case has prompted a federal cabinet committee in the UAE to examine the introduction of cybercrime legislation to bridge the grey areas highlighted by Ashurst's actions. Ashurst appealed against the first ruling last month after a forensic lab verified that his laptop had been used to access the ISP's network. (Source: vnunet.com, 8 October) U.S. SECTOR INFORMATION: Telecommunications - On 5 October, US federal regulators conditionally approved the requests by five wireless companies to extend the timetable for more precisely pinpointing the location of people calling 911 from their mobile telephones. The Federal Communications Commission (FCC) said the biggest US mobile telephone carriers, Verizon Wireless, Sprint PCS and Nextel Communications had met all the requirements for providing plans for phasing in enhanced 911 services. While the agency approved part of the plans by Cingular Wireless and AT&T Wireless Services Inc., the FCC said it was examining possible sanctions against the two for failing to timely submit compliance plans for other parts of their networks. The deadline was 1 October for US wireless companies to begin offering improved location identification, including the sale of handsets equipped to accomplish that goal. The roll-out of E-911 location identification is slated to be completed by 31 December 2005. (Source: Reuters, 5 October) Gas and Oil Storage Distribution - In an apparently random act of vandalism, a bullet punched a hole in the trans-Alaska oil pipeline on 4 October, sending oil spewing for hours in a remote area north of Fairbanks. A man who lives near the pipeline was arrested in connection with the shooting. At least 70,000 gallons of crude oil sprayed into the scrub and spruce forest near the small community of Livengood, 107 miles north of Fairbanks on the Elliott Highway. The spill is the biggest along the pipeline in 23 years. Alaska State Troopers charged an identified individual who lives near Livengood with criminal mischief. (Source: Anchorage Daily News, 5 October) According to a new report to the Secretary of Energy by the National Petroleum Council (NPC), oil and natural gas companies are not adequately prepared to cope with cyber-disruptions. While these companies have long had the capacity to recover quickly from physical infrastructure problems, the report concludes that "processes are inadequate to deal with the changes that are accompanying the increased dependence on cyber and other electronic systems." According to the report, almost 62% of the energy used in the US is provided by the oil and natural gas industries. The report suggests some pro active measures for protection. Each company should conduct regular vulnerability assessments on systems and operations, assess vulnerabilities of partners, and implement best practices, such as ISO 17799 (an internationally recognized information security standard), to reduce threats to electronic systems. Next, the report recommends the establishment of a mechanism for sharing information about threats and responses, similar to the information sharing and analysis centers (ISACs) that exist in other industries. Information shared within this ISAC would be confidential and restricted to members. (Source: Security Management, 8 October) Water Supply - The House Water Resources and Environment Subcommittee has scheduled a hearing on 10 October, to review the ongoing efforts of federal agencies, local governments, and the private sector to prevent water supply systems, wastewater treatment plants, dams and reservoirs, federally-owned power plants and hazardous chemicals from being used against the US in a terrorist attack. Witnesses are expected to include Ronald Dick, the director of the FBI's National Infrastructure Protection Center; Assistant Secretary of the Army for Civil Works Michael Parker; Glenn L. McCullough Jr., chairman of the board of directors of the Tennessee Valley Authority; and the US Environmental Protection Agency's Special Assistant to the Administrator for Homeland Security Robert Bostock, in addition to local government and private sector representatives. (Source: Water Technology Online, 8 October) Transportation - NTR Electrical Power - NTR Government Services - NTR Banking and Finance - NTR Emergency Services - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:27:01 PDT