FW: NIPC Daily Report, 16 October 2001

From: George Heuston (georgeh@private)
Date: Tue Oct 16 2001 - 09:31:36 PDT

  • Next message: Toby Kohlenberg: "Re: Syslog buffer overflow"

     
    
    -----Original Message-----
    From: NIPC Watch
    To: daily
    Sent: 10/16/01 8:16 AM
    Subject: NIPC Daily Report, 16 October 2001
    
    NIPC Daily Report, 16 October 2001
    
    NOTE:  Please understand that this is for informational purposes only
    and does not constitute any verification of the information contained in
    
    the report nor does this constitute endorsement by the NIPC or the FBI.
    
    Significant Changes and Assessment - No significant changes.
    
    Private Sector - According to Carnegie Mellon University's Computer
    Emergency Response Team/Coordination Center (CERT/CC), attacks on
    Internet computers are on pace to easily double the number reported last
    year. With three months still remaining in 2001, the number of security
    incidents reported to the coordination center of the CERT/CC in 2001 has
    already soared past the totals for 2000, according to statistics
    released by CERT/CC.  So far this year, 34,754 attacks have been
    reported to CERT/CC, a 60% increase over the 21,756 incidents logged by
    the organization in all of 2000.  If the incident reports continue at
    the current pace, this year could see over 46,000 reported security
    attacks, more than twice the number of such breaches reported in 2000.
    (Source: Newsbytes, 15 October)
    
    Secure Net Service (SNS) issued a security advisory regarding Trend
    Micro Office Scan Corporate Edition (Virus Buster Corporate Edition)
    Configuration File Disclosure Vulnerability.  The problem was first
    discovered on 29 August and details a vulnerability that allows remote
    attackers to access configuration files containing passwords.  If this
    vulnerability is exploited, an attacker will be able to gain access to
    the configuration information from this file.  Moreover, although this
    file stores an encrypted password, it is possible to decrypt it easily.
    A patch to fix this issue of Office Scan is available at:
    http://www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=3182
    .  (Source: Secure Net Service, 16 October)
    
    Aerospace Industries Association of America, Inc. (AIA), is adopting a
    new approach for data sharing specifications in the Balkanized world of
    Extensible Markup Language (XML) that converts existing electronic data
    interchange (EDI) data formats and definitions into XML.  This new
    approach is based on Value Chain Markup Language (VCML).  VCML retains
    the structure, business terms and industry specifications of the x12 and
    EDI for Administration, Commerce and Transport standards and translates
    them into formats that can be understood by XML-based systems.  AIA said
    it plans next month to publish business-to-business collaboration
    specifications based on VCML for use by its members in exchanging
    documents such as purchase orders and invoices.  (Source: ComputerWorld,
    12 October)
    Government - Plans are under way among state governments to establish a
    national information-sharing center to boost network security and
    protect information technology infrastructures that belong to the
    states.  The information-sharing center would record and report security
    breaches across state IT enterprises, provide early warnings to other
    states of network breaches and offer patches to fix violated systems,
    said officials with the National Association of State Chief Information
    Officers of Lexington, KY, one of the sponsors of the center.  The
    center might provide companies with feedback on security products and
    solutions they can use to refine requirements.  It might also stimulate
    research and development efforts and generate pilot projects that would
    speed development of next-generation security measures, industry
    officials said.  (Source: Washington Technology, 15 October)
    
    Law enforcement and businesses must cooperate in order to protect
    telephone networks, power grids and other computerized systems from
    hackers and terrorists.  Richard A. Clarke, the new advisor for
    cyber-security in the Office of Homeland Security says "America has
    built cyberspace, and America must now defend its cyberspace.  But it
    can only do that in partnership with industry.  Private sector companies
    own and operate most of our critical infrastructure cyberspace
    systems."  In his previous post at the National Security Council, he was
    already working on fostering closer ties between the government and the
    private sector to improve information security, with mixed success.
    Companies, in the past, have often been reluctant to confirm breaches of
    their computer systems due to competitive pressure, fear of regulations,
    simple embarrassment, and other various reasons. (Source: Boston Globe,
    16 October)
    
    Jim Weathersbee, the new deputy information security officer for West
    Virginia's Health and Human Resources Department, hired an IT security
    firm to give them an independent view of the department's IT system.
    The security firm " . . . will look at the system from both an
    outsider's and insider's point of view and help us address those
    vulnerabilities."  They will likely recommend security training for
    department users.  "Our goal is to increase awareness of the state
    users," he said.  "If they can be the first to notice something is not
    right or just different, then we will have a better chance of stopping
    problems before they get out of control."  The agency's biggest concerns
    are disgruntled employees and outside hackers attacking the system,
    Weathersbee said.  (Source: Government Computer News, 15 October)
    
    International - NTR
    Military -NTR
    
    
    U.S. SECTOR INFORMATION:
    
    Transportation - On 11 October, at a hearing before the House
    Transportation and Infrastructure Committee's Aviation Subcommittee,
    Transportation Department Inspector General Kenneth Mead told members
    that in light of the 11 September terrorist attacks, the Federal
    Aviation Administration (FAA) needs to maximize the use of advanced
    explosives detection equipment and step up its software-based program to
    measure the performance of workers who screen baggage.  Using
    information in airline reservation systems, Computer Assisted Passenger
    Prescreening System (CAPPS) identifies passengers who may pose an
    increased security risk.  FAA Administrator Jane Garvey said that 19
    bulk explosives-detection machines remain in warehouses, but all of them
    will be deployed to airports within 90 days, after preparations are made
    for their installation.  (Source: Federal Computer Week, 15 October)
    
    FAA officials want to make sure that airport security screeners receive
    proper background checks before they are hired.  Beginning with the 20
    busiest airports, FAA investigators plan to review records at every
    airport nationwide.  The airports include Boston, Newark and Washington
    Dulles, where the four hijacked planes used in last month's terrorist
    attacks took off.  Separately, teams of investigators from the FAA and
    the Transportation Department's Inspector general's office are visiting
    14 airports to review the hiring records of employees.  There are 28,000
    screeners and other airport security employees.  Airlines, which pay for
    the security screening, are responsible for making sure that required
    background checks are completed.  (Source: Associated Press, 16 October)
    
    Telecommunications - Wireless Internet and Mobile Computing has
    published a six-part 'Wireless Data and Terrorism' set of pages on the
    firm's Web site.  According to the US-based firm, the features examine
    the failures and value of wireless data, provides emergency wireless
    data checklists, and outline the industry's economic outlook in the
    aftermath of the 11 September terrorist attacks.  Alan Reiter, the
    company's president, said that the cellular network operators rose to
    the challenge of providing reliable voice and data communications during
    and after the attacks.  "However, the cellular data industry in general
    did a terrible job of providing any special information or services to
    help consumers and corporations better cope with the crisis," he
    explained.  (Source: Information Security News, 14 October)
    
    Water Supply -NTR
    Gas and Oil Storage Distribution - NTR
    Electrical Power - NTR
    Government Services - NTR
    Banking and Finance -NTR
    Emergency Services - NTR
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:27:58 PDT