FW: NIPC Daily Report 13 November 2001

From: George Heuston (georgeh@private)
Date: Tue Nov 13 2001 - 19:28:33 PST

  • Next message: George Heuston: "FW: NIPC Daily Report 14 November"

     
    
    -----Original Message-----
    From: NIPC Watch
    To: daily
    Sent: 11/13/01 10:35 AM
    Subject: NIPC Daily Report 13 November 2001
    
    NIPC Daily Report 13 November 2001
    
    NOTE:  Please understand that this is for informational purposes only
    and does not constitute any verification of the information contained in
    the report nor does this constitute endorsement by the NIPC or the FBI.
    
    Significant Changes and Assessment - No significant changes.
    
    Private Sector - Security experts are disputing a report that two new
    tools defeat the outbound data filters of three leading personal
    firewalls.  The two tools can upload user data without being detected by
    the firewall, but only after they have been installed on a system
    through other means since they cannot breach firewalls on their own.
    The tools have to get on a user's hard drive in order to operate,
    usually through a downloaded program on a Web site or an e-mail
    attachment.  If the user prevents that from happening by using updated
    AV software, then that program does not stand much of a chance of
    running on the user's computer.  Firewall vendors zeal for trying to
    roll too many features into a single product may be the reason that
    firewalls are being blamed for being vulnerable to these tools.
    Properly configured firewalls can prevent these tools from being used on
    a system.  (Source: Security Wire Digest, 8 November)
    
    Microsoft and five security companies announced that they would create
    an organization to promote the responsible publishing of information
    about software flaws.  Though many of the details have yet to be
    hammered out, the move marks the beginning of what could be the
    widespread emergence of ethical rules for security research.  "There has
    been a need for industry convergence around a code of conduct for
    releasing exploits," said Eddie Schwartz, chief operating officer for
    security services firm Guardent, a founding member of the group.  "We
    are going to form an organization to help us deal with the
    vulnerabilities.  Ultimately, we want to develop some standards for
    releasing these things."  Besides Microsoft and Guardent, security
    companies @Stake, Bindview, Foundstone and Internet Security Systems
    also supported the announcement.  (Source: CNET News.com, 8 November)
    
    Government - The majority of executive branch agencies earned failing or
    barely passing grades for computer security, and most actually managed
    to perform more poorly than last year, according to a report.
    Two-thirds of executive branch agencies, including the Departments of
    Defense, Agriculture, Education, Energy, Justice, Labor, Transportation
    and Treasury and eight other departments, earned an "F" for computer
    security.  Such abysmal scores helped win the government a overall "F"
    grade this year, down from a "D-" awarded in last year's computer
    security report card.  In its analysis of the penetration tests, the
    General Accounting Office (GAO) noted that this year's grades may be
    lower because agencies significantly expanded the scope of their
    testing.  The GAO also found that most agencies are doing a poor job
    installing readily available patches for commonly known software hacks.
    According to the Federal Computer Incident Response Center, such
    deficiencies are the root cause of some 90% of successful attacks on
    government computers.  (Source: Newsbytes, 9 November)
    
    
    US cyber security czar Richard Clarke says that cyber attacks on the
    nation's critical IT infrastructure could potentially cause
    "catastrophic damage to the economy" and urged more spending on IT
    infrastructure and security.  Clarke, who is chairman of the president's
    Critical Infrastructure Protection Board, also told a gathering of about
    150 security and privacy experts from business and government at the
    Trusted Computing Conference that he opposes a national ID card and
    wants to reduce the opportunities for anonymity on the Internet. Clarke
    strongly defended the proposed GovNet project, which is meant to build a
    closed-loop government agency network that can be isolated from the
    Internet.  Building trust into computing and protecting critical
    infrastructures were the dominant themes of this year's conference, and
    regulation came up most often as the way to curtail rising cyber crime.
    (Source: IDG, 9 November)
    
    Military - The US military is gearing up to use computers and code as
    potentially decisive weapons in the next phases of its campaign. The
    goal would be to disable air defense systems, scramble enemy logistics
    and perhaps infect software through tactics being honed by a joint task
    force set up in 1999 under the Colorado Springs, Colorado-based US Space
    Command. The US military has been working on tools that could wreak
    electronic havoc on countries accused of harboring terrorists as well as
    on ways of defending global networks against cyber attack. (Source:
    Reuters, 9 November)
    
    Faced with a near doubling of attacks on military computers in the past
    year, the guardian of the US military's information systems has asked
    Pentagon leaders for permission to strike back.  "We are no longer going
    to be passive. If they hit us, we'll be hitting them back real soon," US
    Army Maj. Gen. Dave Bryan, commander, Joint Task Force-Computer Network
    Operations (JTF-CNO) said.  A new, classified technology would allow the
    task force to retaliate, Bryan said, although he refused to provide any
    details.  JTF-CNO's request to deploy an active network defense is
    significant because it crosses both technological and legal boundaries,
    according to professor Dan Kuehl, professor of the National Defense
    University.   (Source: Defense News, 12-18 November)
    
    International - The ruling Liberal Democratic Party (LDP) in Japan,
    plans to study measures aimed at protecting government computer systems
    from cyberterrorism.  Specifically, the party intends to call on the
    government, companies, universities and research organizations to
    jointly develop original operating systems for the so-called
    e-government project, which seeks to link firms and residents with the
    central and local governments through the Internet. The project,
    scheduled to be implemented in fiscal 2003, will allow government
    ministries and agencies to conduct business licensing, resident
    registration and other administrative services online.  It is feared,
    however, that the computer system could become vulnerable to
    unauthorized access.  Members of the LDP believe that originally
    developed computer platforms will be more effective in preventing
    cyberterrorism than those on the market. The group also intends to
    enlist companies that possess expertise on information security and
    researchers who specialize in preventive measures against hackers.
    (Source: Tokyo Nikkei, 10 November)
    
    Suspected communist guerrillas waged an unprecedented attack against
    several telecommunications facilities, disrupting cellular telephone
    services in five northern Philippine provinces.  Police chief
    superintendent Reynaldo Berroya said armed men doused buildings on at
    least five sites with gasoline, holding guards at gunpoint.  No one was
    injured on the attacks, which took place late over the weekend.  Berroya
    said the communist rebel group New People's Army was suspected in the
    attacks. He said there were reports that rebels have been trying to
    extort money from cellular phone companies.  Four of the sites belonged
    to leading cell phone service provider Smart Communications Inc.  Other
    sites attacked include Globe Telecom and Pilipino Telephone Corp.
    (Source: Associated Press, 11 November)
    
    U.S. SECTOR INFORMATION:
    
    Electrical Power - The US Federal Energy Regulatory Commission (FERC)
    extended the 15 December deadline for utilities to join regional
    transmission grids and said it will set new deadlines for each of four
    general regions.  Earlier this year, federal regulators ordered
    controversial mediation talks to form four regional transmission
    organizations in the Southeast, Northeast, West, and Midwest. Under the
    FERC proposal, utilities would combine their transmission systems to
    provide open access, cheaper transmission rates, and more reliable
    systems.  (Source: OGJ Online, 9 November)
    
    Water Supply - Water protection and counter terrorist experts will
    convene at the Water Security Summit 2001 to discuss the safety and
    security of water supply infrastructure.  Organized by Haestad Methods,
    this nonprofit event is scheduled for 3-4 December in Hartford, CT.
    Participants will learn to evaluate system vulnerability, leverage
    existing federal, state, and private resources, and develop guidelines
    for implementing security plans.  The event will include presentations
    and panel discussions from some of the foremost experts in water
    quality, bioterrorism, system vulnerability, and crisis management.
    "Water is the quintessential target," said Peter Beering, Esq., Deputy
    General Counsel for the Indianapolis Water Company.  "People are
    emotionally and physically dependent on water because it is the only
    consumable utility.  Those charged with providing safe water should be
    at a heightened state of alert and should implement appropriate security
    measures."  (Source: PRNewswire, 12 November)
    
    Transportation - American Airlines Flight 587 en route to the Dominican
    Republic with 255 people aboard crashed moments after takeoff on 12
    November from Kennedy Airport, setting homes on fire.  All New York City
    metropolitan area airports (Kennedy, LaGuardia and Newark, N.J.) were
    closed after the crash, which took place in the Rockaway section of
    Queens.  All bridges and tunnels into the city were closed except to
    emergency vehicles. (Source: Associated Press, 12 November)
    
    Banking and Finance - NTR
    Telecommunications - NTR
    Emergency Services - NTR
    Gas and Oil Storage Distribution - NTR
    Government Services - NTR
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:31:21 PDT