CRIME FW: NIPC Daily Report, 6 December 2001

From: George Heuston (georgeh@private)
Date: Thu Dec 06 2001 - 09:20:09 PST

  • Next message: Zot O'Connor: "CRIME National Firefighter Day (Real link enclosed, psuedo SPAM warning)"

    -----Original Message-----
    From: NIPC Watch [] 
    Sent: Thursday, December 06, 2001 8:29 AM
    To: Daily/Warning Distribution
    Subject: NIPC Daily Report, 6 December 2001
    NIPC Daily Report 6 December 2001
    NOTE:  Please understand that this is for informational purposes only 
    and does not constitute any verification of the information contained in 
    the report nor does this constitute endorsement by the NIPC or the FBI.
    Significant Changes and Assessment - The NIPC continues to monitor 
    mass-mailing worm  W32/Goner.A  (See NIPC Alert 01-029, 
    "VBS/Mass-Mailing Worm, W32/Goner.A." issued 5 December 2001).  An 
    update to the original alert message is now available as NIPC Alert 
    01-029.1 (  The 
    alert update carries the full text of the Goner e-mail, along with 
    information on the worm's ability to propagate via an online instant 
    messenger (ICQ).  The update also has additional information for 
    individual and corporate users and system administrators.  Full 
    descriptions and removal instructions are located at these anti-virus 
    Web sites:  F-Secure Corp., Network Associates Inc., Symantec Corp. and 
    Trend Micro Inc.
    Private Sector - The Computer Emergency Response Team Coordination 
    Center (CERT/CC) web site recently was subjected to a distributed denial 
    of service (DDOS) attack.  The site was intermittently unreachable for 
    many Internet users.  A CERT/CC representative declined to provide 
    details about the nature of the attack, but did say that the Internet 
    worm  Goner A, which contains a denial of service component, was not 
    responsible for the attack.   Reports from Internet users suggest the 
    attack appeared primarily to affect access to the site for 
    visitors whose web page requests travel over network backbones provided 
    by AT&T.  (Sources: Newsbytes, 5 December)
    Posing as an employee of MCI Worldcom, computer security researcher 
    Adrian Lamo cracked into that company's administrative networks last 
    week and gained access to dozen's of the company's private networks. 
    Lamo said he obtained thousands of employee records, and claimed that he 
    could have compromised networks belonging to dozens of clients.  An MCI 
    spokesperson admitted the company had a security vulnerability, but said 
    no customer networks were compromised. The security flaw has been fixed. 
      (Source:, 5 December)
    Government - The US government has approved a new data encryption 
    standard to protect sensitive information in federal computer systems, 
    replacing a dated and now insecure standard implemented in 1977.  The 
    National Institute for Standards and Technology selected the Advanced 
    Encryption Standard (AES) to beef up security for a range of electronic 
    transactions,  from e?mail to e?commerce to ATM withdrawals. U.S. 
    Commerce Department Secretary Don Evans said in a written statement that 
      "the AES will help the nations protect its critical information 
    infrastructures and ensure privacy for personal information about 
    individual Americans."  The Commerce Department expects the new 
    encryption standard to remain secure "well beyond twenty years." 
    (Source:  Newsbytes, 5 December)
    International - The Australian computer industry believes that an early 
    warning issued about attachments proffering a new screensaver under the 
    subject heading "Hi" prevented the Goner A virus from causing widespread 
    network disruption in Australia.   Allan Bell, marketing manager of 
    computer security firm Network Associates, said  that despite several 
    major companies reporting they had received the virus, significant 
    damage to networks around the country was contained.  (Source: Agence 
    France Presse, 5 December)
    Electrical Power - As the power crisis eases throughout most of 
    California, energy officials warned 5 December, that San Francisco and 
    the surrounding area remains vulnerable to winter rolling blackouts. 
    The region came close to experiencing blackouts over the past two 
    weekends as unexpected plant shutdowns, increased demand and 
    transmission line limitations left the area short on power, according to 
    a top state power official.  San Francisco and San Mateo counties are 
    virtually isolated geographically from the rest of the state's power 
    grid, making it more difficult to ship additional power to the region if 
    plants in the area get knocked out of service.  In response to the close 
    calls, officials plan to intensify California's existing energy 
    conservation campaign through radio and television advertising in the 
    Bay Area and are considering incentives for businesses to shift 
    operations to off-peak hours.  (Source:  SF Chronicle, 6 December)

    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:48 PDT