-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private]
Sent: Monday, October 15, 2001 11:03 AM
To: daily; cccwolf@private
Subject: NIPC Daily Report 15 October 2001

NIPC Daily Report, 15 October 2001

NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI.

Significant Changes and Assessment - No significant changes.

Private Sector - An online gift certificate company said a hacker that blackmailed it for weeks after pilfering its customer information has apparently carried out threats of disclosing the data to its customers. Webcertificate.com customers reported getting an e-mail message that included their home and e-mail addresses. "I hate to inform you that your account has been hacked," said the e-mail from someone identified as Zilterio. Webcertificate, a unit of Ecount, was hacked on 21 August. Shortly afterward, the hacker, who also claimed to have stolen 350,000 credit card numbers, which were really 16-digit serial numbers used to identify gift certificates, contacted Ecount and tried to extort the company. The caller demanded $45,000 in exchange for not disclosing the information. The company refused to meet the demands and informed customers that the break-in had occurred, assuring them that their credit card information was safe. (Source: News.com, 12 October)

Two Charleston, South Carolina, businesses and a newspaper have notified the FBI about unauthorized calls placed to the Middle East through their switchboards. Hackers broke into the phone system at The Post and Courier and made $4,500 worth of calls to the Middle East and Southeast Asia two weeks before terrorists attacked the World Trade Center and Pentagon, the newspaper reported. The suspicious calls prompted the newspaper to notify the FBI. WCSC-TV and Piggly Wiggly also reported that their phones were hacked into. According to phone records, 10 calls were placed on 28 August and routed through The Post and Courier's switchboard to phone numbers in Yemen, Egypt, Myanmar and Sri Lanka. The newspaper discovered the calls when it received its phone bill two weeks ago and noticed the calls were made using a different long-distance server than the paper uses. (Source: Associated Press, 12 October)

According to Gartner analyst Rich Mogull, companies increasingly deliver their content and services via the Internet to a variety of new devices, such as personal digital assistants, television sets, gaming consoles, MP3 players, and smart phones. This creates a situation that makes it more difficult for IT departments to protect internal systems from attacks and prevent data theft since many of these devices are inherently insecure, lacking solid and proven security technology. To compound the situation, IT departments often find themselves pressured by users to support these devices. The hurried adoption of these devices and the creation of new mechanisms to deliver data to them water down the protection of internal systems and promote a confusing set of standards, platforms, and delivery mechanisms, said Mogull. (Source: InfoWorld, 11 October)

International - German software developer mediaBEAM is weathering its first controversy as hackers successfully find a way around the firm's AdKEY service. A German hacker group calling itself the "Anti-AdKEY Initiative" released a statement detailing how a user could successfully counter mediaBEAM's technology, which is designed to forbid access to Web sites by users of ad-blocking software. The hackers, who mocked the system as "amateurish" in a statement, said they were able to compromise AdKEY within only a few hours of experimentation, and have since posted their workaround across the Internet. Initially, mediaBEAM chief executive Frank Beckert dismissed the hackers' claim as "definitely not true." However, a few hours later, the firm's chief technical officer, Jochen Meyer, confirmed that the workaround had indeed functioned as described and has since been rendered unusable by mediaBEAM. (Source: Internet News, 12 October)

Government - The Justice Department awarded a $4 million task order to Northrop Grumman Corp. to help secure the Joint Automated Booking System (JABS), a nationwide system for identifying and booking criminal suspects. The JABS program is designed to standardize arrest procedures, ensuring that law enforcement officials collect the same information every time they make an arrest and providing the data necessary to maintain a national offender database. JABS also would be linked to an electronic fingerprint database, thereby reducing the time it takes to identify a suspect from weeks to hours. JABS has been on the drawing boards for more than a year, and it would create an information-sharing infrastructure among five law enforcement agencies -- the Federal Bureau of Prisons, DEA, FBI, INS, and the US Marshals Service. (Source: Federal Computer Week, 12 October)

A new bill being considered in Congress calls for life in prison without a possibility of parole for people who engage in computer trespass, also known as hackers. Obviously, the Anti-Terrorism Act is the direct result of the 11 September attacks, but several organizations are already crying foul over its implications. Most noticeably, the Electronic Frontier Foundation has publicly condemned the bill, saying the punishment is too severe, potentially sending "relatively harmless pranksters" to prison for life. The bill treats low-level computer intrusion, already a crime under existing laws, as an act of terrorism. (Source: East Carolinian, 12 October)

Federal agencies are scrutinizing their Web sites and removing any information they believe terrorists might use to plot attacks against the nation. Federal agencies have been reviewing their sites in the wake of the terrorist attacks. Bush spokeswoman Anne Womack said the White House has not requested that they do so; the reviews are voluntary. It is unclear whether a specific guideline has been passed down which indicates the type of information that should be removed. There also is no uniform process for the review, according to some agency officials. Some federal agencies are not commenting on whether they are removing information from their Web sites, while others give vague descriptions of their deletions. The Nuclear Regulatory Commission shut down its web site 10 October and plans to remove the coordinates of the nation's 103 commercial nuclear power reactors. The Environmental Protection Agency has taken down a Web site with information about emergency plans and chemicals at 15,000 sites. The Centers for Disease Control and Prevention removed a vague report about security at chemical plants from its site, and the Office of Pipeline Safety is restricting to industry and government officials its mapping software and pipeline data. (Source: Associated Press, 12 October)

On 11 October, a Russian man was found guilty in federal court of operating a computer hacking scam to defraud US Internet service companies. Jurors found Vasiliy Gorshkov, 26, guilty on 20 counts of wire fraud and a variety of computer crimes. He faces up to 100 years in prison when sentenced in January. Federal investigators said Gorshkov and a partner defrauded more than 40 businesses in 10 states, using nothing more than a pair of computers in Chelyabinsk, Russia. Investigators say the two hacked into business e-mail systems, then contacted the companies posing as "security consultants" and offering to fix the problems for fees as high as $5,000. (Source: Seattle Post-Intelligencer, 12 October)

Military - NTR

U.S. SECTOR INFORMATION:

Transportation - The government is checking the backgrounds of security workers who screen passengers at the 20 largest US airports, including the three where the terrorist hijackers took off on 11 September. The Federal Aviation Administration and the Transportation Department's inspector general also plan a separate audit of the screeners employed by a security firm which operates at 14 airports. The investigations were announced 12 October after federal prosecutors charged the security firm with failing to adequately check employees' backgrounds. Federal prosecutors said the firm had hired convicted criminals to staff security checkpoints at Philadelphia International Airport even after the company was fined $1 million last year for failing to check the backgrounds of its employees. In filing a motion against the firm on 11 October, US Attorney Patrick Meehan said inspectors found the company also failed to do adequate background checks of employees at 13 other airports. Meehan said he wanted new sanctions, including an order that the company regularly audit its work force and fingerprint all employees. (Source: Associated Press, 13 October)

Canada's railways are increasing the security focus on US border crossings, particularly bridges and tunnels that are owned and operated by the railroads. The measures are part of an upgrade in the security activities of Canadian National (CN) and Canadian Pacific railways since the 11 September terrorist attacks. Security is crucial because of the large volume of cargo that flows between the two countries. CN gets 52% of its revenue from its cross-border freight operations. Although security officials don't think Canada is a terrorist target, they believe that installations and facilities that are important to the functioning of the US economy may draw the attention of potential terrorist activity. CN said a key crossing point in Minnesota, which takes goods on to Chicago, is responsible for 25% of the railroad's cross-border cargo. (Source: National Post, 15 October)

Telecommunications - NTR
Water Supply - NTR
Gas and Oil Storage Distribution - NTR
Electrical Power - NTR
Government Services - NTR
Banking and Finance - NTR
Emergency Services - NTR