CRIME FW: NIPC Daily Report, 30 November 2001

From: George Heuston (georgeh@private)
Date: Fri Nov 30 2001 - 08:34:40 PST

  • Next message: Scott Elam: "Re: CRIME secure mail programs/internet"

     
    
    -----Original Message-----
    From: NIPC Watch
    To: daily
    Sent: 11/30/01 8:15 AM
    Subject: NIPC Daily Report, 30 November 2001
    
    NIPC Daily Report 30 November 2001
    
    NOTE:  Please understand that this is for informational purposes only
    and does not constitute any verification of the information contained in
    the report nor does this constitute endorsement by the NIPC or the FBI.
    
    Significant Changes and Assessment - The National Infrastructure
    Protection Center (NIPC) issued Assessment 01-028 "Multiple
    Vulnerabilities in Microsoft Internet Explorer (IE) - All Versions."
    The NIPC continues to track vulnerabilities within IE.  This assessment
    addresses vulnerabilities that are primary means through which several
    generations of recent mass-mailer computer worms (i.e., LoveLetter,
    Nimda, Klez, Badtrans.B) propagate.  First, when Windows 95/98/NT/2000
    scripting is turned on, IE is vulnerable to an ActiveX and HTML
    exploit.  Any e-mail or Web page with scripting that includes the
    command "GetObject()" as well as an ActiveX html file can view any file
    on the user's hard drive.  A second vulnerability allows a malicious Web
    site to spoof file extensions in the download dialog box to disguise a
    malware file as a text, image, audio, or other file type. In this
    scenario, the user will see a dialog window open, asking if the user
    wants to "Open" or "Save."  Microsoft has made available a patch for
    Outlook and Outlook Express to prevent this exploit from automatically
    executing, which can be found at:
    http://www.microsoft.com/technet/security/bulletin/ms01-020.asp.
    Further information and the advisory can be found by visiting
    http://www.nipc.gov/warnings/assessments/2001/01-028.htm.
    
    Government - On 28 November, President Bush signed into law the
    Commerce, State, Justice appropriations bill, a FY2002 spending package
    that contains significant funding for a range of cyber-security and
    online crime-fighting programs.  The $41.6 billion appropriations
    measure includes funding for programs to fight cyber-crime, child
    pornography, and intellectual property theft.  The package also includes
    money for technology research programs.  The bill directs US attorneys
    to provide a total of $10 million for cyber-crime and enforcement
    against intellectual property violations, such as software piracy.
    (Source: Newsbytes, 29 November)
    
    Although the US  government's plan to build its own private Internet --
    safe from hackers, viruses, and the public at large -- has drawn ire
    from some critics who wonder what's wrong with what we've got.  The
    government said  that it has received a strong response from its Request
    For Information (RFI) and is moving to the next phase. General Services
    Administration (GSA) issued the information request to the
    telecommunication industry last month on how best to build "GovNet" on
    behalf of the special adviser to the president for cyberspace security.
    The deadline for the RFI passed last week and the government said that
    it had received 167 responses from companies. GSA will now organize a
    team comprised of representatives from 16 federal agencies to evaluate
    the submissions and will report back to the White House by February.  (
    Source: Government Computer News, 29 November)
    
    The Department of Justice (DOJ) is already using new anti-terrorism
    powers to monitor cable modem users without obtaining a judge's
    permission first.  A top Bush administration official lauded the
    controversial USA Patriot Act at a Senate hearing on 28 November, saying
    that the new abilities have let police obtain information in
    investigations that was previously unavailable.  "We would not have been
    able to do (this) under prior law without a specific court order," said
    Michael Chertoff, Assistant Attorney General at the DOJ's criminal
    division.  Previously, federal law said that "a cable operator shall not
    disclose personally identifiable information concerning any
    subscriber."  Section 211 of the USA Patriot Act changes the law to
    read: "A cable operator may disclose such information if the disclosure
    is ... to a government entity."  Other USA Patriot Act sections mean
    that police can obtain an Internet Protocol address, which identifies a
    cable modem subscriber, as readily as they can learn someone's telephone
    number. ( Source:  Wired  News, 29 November)
    
    International - The Badtrans virus, which was first detected on 23
    November, is now 14 times bigger than SirCam, and has spread from
    Britain to more than 140 countries worldwide in the past four days.
    Computer experts are warning that the virus originated in the UK.  The
    National Hi-Tech Crime Unit is investigating its origins, said
    spokeswoman Judy Prue.  The Unit is working in collaboration with other
    countries' law enforcement agencies, she confirmed.  Mark Sunner from
    anti-virus technology company MessageLabs said that it was highly likely
    the program had been deliberately created by a British hacker.
    (Source:  London Press Association, 29 November)
    
    Private Sector - NTR
    
    Military - The Defense Department's Computer Investigations Training
    Program has awarded an eight-year, $86.8 million task order to Computer
    Sciences Corporation to train DOD cybercrime fighters.  CSC will support
    the program's efforts to train law enforcement professionals in computer
    investigations.  The contract was awarded under the General Services
    Administration/Federal Technology Service's Millennia contract.  The
    training is expected to be valuable for homeland defense and could prove
    to be popular with other federal law enforcement agencies. Courses will
    cover computer search and seizure, computer intrusions and forensic
    computer media analysis. (Source: Federal Computer Week, 30 November)
    
    
    U.S. SECTOR INFORMATION:
    
    Transportation -  The International Civil Aviation Organization, the UN
    agency that oversees civil aviation will hold a high-level conference in
    Montreal Canada, on 19-20 February, aimed at improving air safety
    following the terrorist attacks.  The meeting will bring together
    transportation ministers and other top officials from the agency's 187
    nations.  According to a statement issued on 29 November, they will
    review existing safety regulations and seek spending commitments from
    governments, international organizations and the airline industry to
    implement further measures considered necessary.  (Source: Associated
    Press, 30 November)
    
    Banking and Finance -NTR
    Electrical Power -NTR
    Emergency Services - NTR
    Water Supply - NTR
    Telecommunications - NTR
    Gas and Oil Storage Distribution - NTR
    Government Services - NTR
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:03 PDT