-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Monday, November 26, 2001 8:36 AM To: daily Subject: NIPC Daily Report 26 November, 2001 Importance: High NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC of the FBI. The NIPC Daily Report 26 November Significant Changes and Assessment - A new variant of the Badtrans worm has been discovered in the wild. It is referred to as variant .b by most companies. Badtrans is a mass mailer that attempts to send itself using Microsoft Outlook by replying to unread e-mail messages. The worm exploits a known MIME Header vulnerability in Microsoft Internet Explorer that was previously reported in Microsoft Security Bulletin MS01-20. This vulnerability allows for the automatic execution of attachments when an e-mail is viewed in the Preview Pane of Outlook or Outlook Express. The worm arrives through e-mail with no message text and an attachment that is randomly generated from three parts. Badtrans also installs a trojan that is a keystroke logger. (Source: Multiple Sources, 24-25 November) (NIPC Comment: Currently US Anti-virus vendors are rating this worm as a medium threat. Several vendors have released updated anti-virus definition files to detect this worm. The NIPC Malicious Code Team is currently monitoring this worm and will advise of any status changes.) Government - The recently approved antiterrorism law could be used to prosecute foreign hackers, a move critics say could make the US the world's Internet policeman. The new prosecutorial powers, which have no parallel in other nations, affect computer hacking cases and takes advantage of the nation's pivotal role in Internet communications. The precedent could be used to apply to pornography or other crimes in which laws differ between nations, according to a former Department of Justice (DOJ) computer crimes prosecutor. A prosecution can occur if any part of a crime takes place within US borders. A large part of the Internet's communications traffic goes through the US, even in messages that travel from one foreign country to another. More than 80% of Internet access points in Asia, Africa and South America are connected through US cities, according to Jessica Marantz of the Internet statistics firm Telegeography. The DOJ pushed for the legislation as a way to fight terrorism, and US interests overseas could be protected by the change. (Source: AP Technology, 22 November) International - The ALIZ computer virus has caused an epidemic in Kazakhstan. On 22 November, Kazakhstan Today news agency was paralyzed and numerous cases of infection by this virus, already logged in many countries around the world. The Nursat company, which is an Internet Provider in Kazakhstan, refused to comment on this issue, saying that it does not track such situations. Experts at the Alma-Media computer center said that similar virus epidemics are becoming common in the country. The last such epidemic happened in Kazakhstan six weeks ago. This time the operations of Kazakh media such as Karavan, KTK (Kazakh Commercial TV) television channel and the Kazakhstan Today news agency were fully or partially halted on 22 November. (Source: Almaty Kazakhstan Today, 23 November) According to a 17 November VNExpress, a Hanoi University student has written a network monitoring tool that combines the best features of existing anti-hacker programs. The solution is one of a new generation of indigenous software products designed by students and showcased in a nationwide contest called "Vietnam Intellect." The software reportedly captures and processes information packets that pass through network cards, analyzes telnet and e-mail services, and maintains security across networked computers more quickly and accurately than existing software. The program stores all information received on a network in a database for processing or lets the user designate which services and addresses are retained for analysis. It displays speed and statistical data about network operations to help system administrators deal effectively with stoppages. (Source; VNExpress, 23 November) Private Sector - NTR Military - NTR U.S. SECTOR INFORMATION: Telecommunications - Public safety experts and telecommunications executives are growing increasingly concerned about the possibility of attacks on the telephone system, a century-old network of copper wires and newer fiber optic strands that wind their way through critical but vulnerable hubs. Most of the concern involves the prospect of physical attacks on the 100 or so most important central offices that route voice calls and Internet traffic. Service for more than 30 million phone lines in the largest cities could be interrupted if such attacks were successful. Another important concern focuses on cyber attacks that could shut down parts of the public telephone system. Some information warfare experts also worry about the development of weapons that disrupt communications networks with electromagnetic bursts. The worries about the phone network's exposure to saboteurs have increased since the collapse of the World Trade Center caused nearby switching operations in one of the nation's busiest central offices to shut down temporarily. The National Communications System cited the increase in the number of companies that provide telecommunications services as one of the main reasons the public telephone network is less secure over all. (Source: New York Times, 23 November) According to industry players and bankers at a conference in Montpellier, France, former monopoly telecom operators are well on their way to becoming the dominant sellers of fast Internet to the home over supercharged telephone wires. According to the participants, a mix of complicated technology, failed deregulation and a cash crisis has brought a dozen or so new telecom carriers in the US and Europe to their knees. Meanwhile incumbent telecom carriers, who a year ago may have feared they would be marginalized by competition from new carriers and cable companies, are now taking a decisive lead. Incumbent operators, which already have large maintenance staff, are able to control costs much better. In the US several carriers had also passed the one million threshold, giving them scale economies hard to beat by any of the new carriers. Once the incumbent telecoms operators have squeezed out ambitious upstarts, regulators will likely come in to cut tariffs, but it will be too late to change the competitive landscape, one banker said. (Source: Reuters, 23 November) Electrical Power - A blast of winter weather chilled California on 24 November, toppling trees and knocking out power to 500,000 customers. Half a million Pacific Gas and Electric Company customers lost power on 25 November, mostly in the northern part of the state. By the evening, crews had restored electricity but lights remained out at about 119,000 homes, said company spokesman Jonathan Franks. (Source: Associated Press, 25 November) Transportation - NTR Emergency Services - NTR Water Supply - NTR Banking and Finance - NTR Government Services - NTR Gas and Oil Storage Distribution - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:32:58 PDT