-----Original Message----- From: NIPC Watch To: daily Sent: 10/25/01 10:22 AM Subject: NIPC Daily Report 25 October 2001 NIPC Daily Report, 25 October 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - No significant changes. Private Sector - An e-mail virus named after Usama bin Laden has appeared in South Korea with subject lines claiming, among other things, that the alleged terrorist is in love with Iraqi leader Saddam Hussein. A personal computer user reported receiving the virus on 23 October, according to Ahnlab Inc., a South Korean anti-virus software maker that posted the virus alert on its Web site. The virus spreads by mailing copies of itself to addresses stored in the computer's instant messaging system. The messages have subject headings in broken English such as ?Bin Laden toillete paper!!,? ?Sadam Hussein & Bin Laden IN LOVE,? and ?Anthrax mail is true(not a joke),? according to the company's Korean language posting. The bin Laden message also comes with an attachment, ?BINLADEN BRASIL.EXE.? The virus slows down the computer and makes data vulnerable to leaks, Ahnlab said, adding that computer users can download software from its Web page to fix the problems. (Source: AP, 24 October) (NIPC Comment: US anti-virus vendors are rating the threat from this virus as low. NIPC will continue to monitor and advise as appropriate.) Government - Enterprises are closely watching the federal government's efforts to build a closed IP network for government use, hoping that some new methodologies and technologies will be transferrable to the private sector. At the request of Richard Clarke, President Bush's cyberspace security adviser, the US General Services Administration (GSA) earlier this month released a Request for Information (RFI) to the IT and telecommunications industries, seeking information and suggestions for the development of a special network called Govnet. This comes in the wake of the terrorist strikes and subsequent concern that communications networks may be vulnerable to attack. The goal of Govnet is to "perform its functions with no risk of penetration or disruption from users on other networks, such as the Internet," the RFI stated. Govnet will be a private voice and data network based on the Internet Protocol but with no connectivity to the Internet or other public or private networks. Once a contractor is selected, the GSA wants a working network within six months. (Source: InternetWeek, 24 October) As awareness about the importance of sharing information about cyber and physical threats grows following the terrorist attacks, the GAO last week released a report on the best practices of leading organizations in the public and private sectors. The report is in response to a request in May from Sen. Robert Bennett (R-Utah), a key supporter of critical infrastructure protection issues and an advocate for sharing cybersecurity information between the government and private sector. Bennett and other members of Congress have introduced bills this year to promote such sharing. GAO reviewed 11 organizations, including the Centers for Disease Control and Prevention, the Federal Computer Incident Response Center (FedCIRC), the Joint Task Force-Computer Network Operations (JTF-CNO), and the North American Electric Reliability Council. FedCIRC serves as the central warning, analysis and response organization for federal civilian agencies, and the JTF-CNO provides that service for the DoD. All of these organizations form relationships with members to collect information on security incidents, analyze potential future weaknesses and issue alerts on vulnerabilities and attacks. (Source: Federal Computer Week, 24 October) International- Two of the United Kingdom's key information technology security associations have joined forces to tackle cybercrime, a problem they say the country is not prepared to battle. The Information Assurance Advisory Council (IAAC) has teamed up with the Institute for Communications Arbitration and Forensics (ICAF) with the aim of better educating businesses and their customers about cybercrime. The partnership follows research carried out by ICAF and the Communications Management Association (CMA) into how ready British businesses are to fight the various forms of cybercrime. That research found that many companies do not understand the issues involved. Professor Andrew Rathmell, IAAC's CEO, said the results of the ICAF/CMA research were disturbing, revealing that most companies have failed to make cybercrime a priority issue. (Source: Newsbytes, 25 October) A Chinese-American wireless technology expert has urged Chinese telecom business operators to buy out insolvent US-based technology start-ups, thus cashing in on their research capabilities and talents as a shor-cut to meeting global competition. Li Fung Chang, who serves as a technology consultant at AT&T Labs, said that the acquisitions will help shore up the research and development capability of the Chinese firms, long their cardinal obstacle to global primacy. "Chinese telecom firms still lack the capability for a core technology breakthrough," said Chang. "A more progressive outward acquisition is the best way to fight back." Chang, a member of a high-profile delegation from the Chinese Institute of Engineering (CIE), said she was impressed with the growth of such telecom players in China as Shenzhen-based Huawei and Zhongxing after she toured their plants in the last two weeks. Chang said in an interview that she is coordinating with Huawei on coming up with possible acquisition plans, but details are not available. (Source: Beijing China Daily, 25 October) Military - Taiwan's Investigation Bureau is looking into a claim that local hackers broke into an US military Web site in the wake of the 11 September terror attacks. The Liberty Times newspaper reported that the bureau had received an urgent request from the US to identify hackers from Taiwan who had apparently broken into the Web site of the US Army headquarters. There were no details about what the hackers were supposed to have done to the site. (Source: Agence France-Presse, 24 October) U.S. SECTOR INFORMATION: Transportation - NTR Electrical Power - NTR Water Supply - NTR Banking and Finance - NTR Telecommunications - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR Emergency Services - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:28:51 PDT