FW: NIPC Daily Report, 05 November 2001

From: George Heuston (georgeh@private)
Date: Mon Nov 05 2001 - 09:01:54 PST

  • Next message: George Heuston: "CRIME Meeting 13 Nov @10am@Verizon"

    -----Original Message-----
    From: NIPC Watch [mailto:nipc.watch@private] 
    Sent: Monday, November 05, 2001 8:44 AM
    To: daily
    Subject: NIPC Daily Report, 05 November 2001
    
    
    NIPC Daily Report, 05 November 2001
    
    NOTE:  Please understand that this is for informational purposes only
    and does not constitute any verification of the information contained in
    
    the report nor does this constitute endorsement by the NIPC or the FBI.
    
    
    Significant Changes and Assessment - The National Infrastructure
    Protection Center
    (NIPC) issued Advisory 01-026 on 2 November 2001 concerning "Increased
    Potential for
    Distributed Denial of Service (DDoS) Attacks."  Cyber protests and
    hacktivist activity
    have increased and the potential for targeting US organizations is
    higher than in
    September.  NIPC Advisory 01-026 can be viewed at
    www.nipc.gov/warnings/advisories/2001/01-026.htm.
    
    Private Sector - Microsoft acknowledged that its "Passport" technology
    for
    safeguarding Internet purchases has a serious design flaw that could
    have allowed
    hackers to steal credit card numbers and personal information.
    Microsoft said that 2
    million customers use the "e-wallet" feature of Passport that was
    vulnerable, but there
    was no evidence of any theft.  It temporarily shut down access by all
    consumers to their
    virtual wallets starting on 31 October for repairs to the network and
    testing. That move
    inconvenienced buyers at roughly 70 e-commerce Web sites that support
    Microsoft's
    wallet technology, called "Express Purchase."  "We do not believe
    customer data was
    compromised in any way," Microsoft spokesman Adam Sohn said on 2
    November.
    "Users of Windows XP software were never vulnerable because of
    additional security
    measures built in," Sohn said.  (Source: Associated Press, 2 November)
    
    International - Amsterdam's Schiphol airport, is testing a program
    called "Privium,"
    that combines smart-card technology with optical scanning and networked
    computers to
    allow travelers to cross the border after retinal-scan identification.
    A scanner, built by
    New Jersey and Geneva, Switzerland-based Iridian Technologies,
    identifies patterns in
    the human iris.  Enschede and Iris worked closely with the Dutch
    Ministry of Justice, and
    the Schiphol Group (which owns the airport and the concessions).  The
    automated
    border-crossing machine reads the card and the traveler's iris to
    identify a match.
    Passengers who are nationals of European Economic Cooperation nations
    may enroll to
    use the system during a trial period, which will last until the end of
    2002.  (Source:
    Newsbytes, 2 November)
    
    The Mumbai, India cybercrime cell arrested two persons in Ahmedabad for
    hacking
    into the networks of various Internet service providers (ISPs) on 31
    October. Umang
    Dave and S.I. Ilanthirayan are accused of hacking into ISP systems and
    redirecting web
    pages to sites with names of terrorist organizations such as Al Qaida
    and Laskar-e-Toiba.
    The duo ran an Internet security agency called Gateway Telesoft Ltd in
    Ahmedabad.
    Both accused have been remanded to police custody until 9 November.
    Joint
    Commissioner B.S. Mohite did confirm the arrests on hacking charges and
    said one is a
    scientist.  But he urged not to give the arrests media coverage because
    it involved
    national security.  According to preliminary investigations, the duo
    would hack into ISPs
    which had stockbrokers and corporate houses as clients.  Later, their
    company would
    approach the ISP and propose a security program. The ISPs would jump at
    the proposal
    and sign a deal.  (Source:  The Indian Express, 3 November)
    
    Military - NTR
    Government - NTR
    
    U.S. SECTOR INFORMATION:
    
    Water Supply - The Centers for Disease Control and Prevention (CDC) have
    taken on
    the role of coordinating a study that is examining water treatment
    technologies to
    determine their ability to protect drinking water from possible
    bioterrorist agents.  The
    CDC is working closely with the US Environmental Protection Agency, the
    American
    Water Works Association and the Department of Defense.  The study is
    expected to take
    at least six months and will emphasize public health issues.  Among the
    technologies to
    be studied are chlorine sensitivity, moist heat inactivation, ozone and
    ultraviolet.  The
    study is expected to examine at least three or four organisms at first,
    but that list may be
    expanded later.  (Source: Water Technology Online, 2 November)
    
    Emergency Services - On 2 November, officials told a congressional panel
    the
    Federal Emergency Management Agency (FEMA) has established an emergency
    operations center in the District of Columbia (DC) to prepare for a
    catastrophic attack on
    the nation's capital.  Alarmed by the chaos following September's
    terrorist attacks and
    stung by criticism from Congress, DC and federal officials have also
    overhauled the city's
    emergency preparedness plans to copy the federal model.  After the
    hearing, FEMA
    representative Michael Lowder said: "This is to support DC's efforts,
    not to supplant
    them. We are trying to anticipate the event of an attack here in DC so
    that we are better
    prepared here, and DC is helped, too."  (Source: Washington Post, 3
    November)
    
    Gas and Oil Storage Distribution - NTR
    Electrical Power - NTR
    Government Services - NTR
    Banking and Finance - NTR
    Transportation - NTR
    Telecommunications - NTR
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:29:57 PDT