-----Original Message----- From: NIPC Watch To: daily Sent: 11/30/01 8:15 AM Subject: NIPC Daily Report, 30 November 2001 NIPC Daily Report 30 November 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Significant Changes and Assessment - The National Infrastructure Protection Center (NIPC) issued Assessment 01-028 "Multiple Vulnerabilities in Microsoft Internet Explorer (IE) - All Versions." The NIPC continues to track vulnerabilities within IE. This assessment addresses vulnerabilities that are primary means through which several generations of recent mass-mailer computer worms (i.e., LoveLetter, Nimda, Klez, Badtrans.B) propagate. First, when Windows 95/98/NT/2000 scripting is turned on, IE is vulnerable to an ActiveX and HTML exploit. Any e-mail or Web page with scripting that includes the command "GetObject()" as well as an ActiveX html file can view any file on the user's hard drive. A second vulnerability allows a malicious Web site to spoof file extensions in the download dialog box to disguise a malware file as a text, image, audio, or other file type. In this scenario, the user will see a dialog window open, asking if the user wants to "Open" or "Save." Microsoft has made available a patch for Outlook and Outlook Express to prevent this exploit from automatically executing, which can be found at: http://www.microsoft.com/technet/security/bulletin/ms01-020.asp. Further information and the advisory can be found by visiting http://www.nipc.gov/warnings/assessments/2001/01-028.htm. Government - On 28 November, President Bush signed into law the Commerce, State, Justice appropriations bill, a FY2002 spending package that contains significant funding for a range of cyber-security and online crime-fighting programs. The $41.6 billion appropriations measure includes funding for programs to fight cyber-crime, child pornography, and intellectual property theft. The package also includes money for technology research programs. The bill directs US attorneys to provide a total of $10 million for cyber-crime and enforcement against intellectual property violations, such as software piracy. (Source: Newsbytes, 29 November) Although the US government's plan to build its own private Internet -- safe from hackers, viruses, and the public at large -- has drawn ire from some critics who wonder what's wrong with what we've got. The government said that it has received a strong response from its Request For Information (RFI) and is moving to the next phase. General Services Administration (GSA) issued the information request to the telecommunication industry last month on how best to build "GovNet" on behalf of the special adviser to the president for cyberspace security. The deadline for the RFI passed last week and the government said that it had received 167 responses from companies. GSA will now organize a team comprised of representatives from 16 federal agencies to evaluate the submissions and will report back to the White House by February. ( Source: Government Computer News, 29 November) The Department of Justice (DOJ) is already using new anti-terrorism powers to monitor cable modem users without obtaining a judge's permission first. A top Bush administration official lauded the controversial USA Patriot Act at a Senate hearing on 28 November, saying that the new abilities have let police obtain information in investigations that was previously unavailable. "We would not have been able to do (this) under prior law without a specific court order," said Michael Chertoff, Assistant Attorney General at the DOJ's criminal division. Previously, federal law said that "a cable operator shall not disclose personally identifiable information concerning any subscriber." Section 211 of the USA Patriot Act changes the law to read: "A cable operator may disclose such information if the disclosure is ... to a government entity." Other USA Patriot Act sections mean that police can obtain an Internet Protocol address, which identifies a cable modem subscriber, as readily as they can learn someone's telephone number. ( Source: Wired News, 29 November) International - The Badtrans virus, which was first detected on 23 November, is now 14 times bigger than SirCam, and has spread from Britain to more than 140 countries worldwide in the past four days. Computer experts are warning that the virus originated in the UK. The National Hi-Tech Crime Unit is investigating its origins, said spokeswoman Judy Prue. The Unit is working in collaboration with other countries' law enforcement agencies, she confirmed. Mark Sunner from anti-virus technology company MessageLabs said that it was highly likely the program had been deliberately created by a British hacker. (Source: London Press Association, 29 November) Private Sector - NTR Military - The Defense Department's Computer Investigations Training Program has awarded an eight-year, $86.8 million task order to Computer Sciences Corporation to train DOD cybercrime fighters. CSC will support the program's efforts to train law enforcement professionals in computer investigations. The contract was awarded under the General Services Administration/Federal Technology Service's Millennia contract. The training is expected to be valuable for homeland defense and could prove to be popular with other federal law enforcement agencies. Courses will cover computer search and seizure, computer intrusions and forensic computer media analysis. (Source: Federal Computer Week, 30 November) U.S. SECTOR INFORMATION: Transportation - The International Civil Aviation Organization, the UN agency that oversees civil aviation will hold a high-level conference in Montreal Canada, on 19-20 February, aimed at improving air safety following the terrorist attacks. The meeting will bring together transportation ministers and other top officials from the agency's 187 nations. According to a statement issued on 29 November, they will review existing safety regulations and seek spending commitments from governments, international organizations and the airline industry to implement further measures considered necessary. (Source: Associated Press, 30 November) Banking and Finance -NTR Electrical Power -NTR Emergency Services - NTR Water Supply - NTR Telecommunications - NTR Gas and Oil Storage Distribution - NTR Government Services - NTR
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:03 PDT