CRIME FW: [Nw-ipwg] FW: NIPC Daily Report, 7 December 2001

From: George Heuston (georgeh@private)
Date: Fri Dec 07 2001 - 09:10:25 PST

  • Next message: George Heuston: "CRIME Meeting Next Tues 11 Dec @10am@Verizon -- 2nd Call"

    -----Original Message-----
    From: Goerling, Richard J. LT (TAD to CGIC Portland)
    Sent: Friday, December 07, 2001 7:53 AM
    To: 'CCBIG-FAC'; 'CRIME-A'; 'NW-IPG ListServe'
    Subject: [Nw-ipwg] FW: NIPC Daily Report, 7 December 2001
    -----Original Message----- 
    From: NIPC Watch [ <> ] 
    Sent: Friday, December 07, 2001 6:51 AM 
    To: Daily/Warning Distribution 
    Subject: NIPC Daily Report, 7 December 2001 
    NIPC Daily Report 7 December 2001 
    NOTE:  Please understand that this is for informational purposes only 
    and does not constitute any verification of the information contained in 
    the report nor does this constitute endorsement by the NIPC or the FBI. 
    Private Sector -  According to Michael Erbschloe, vice president of 
    research for Carlsbad, California-based Computer Economics, a company 
    that analyzes the economic impact of viruses, the repercussions of the 
    Goner A virus should turn out to be minimal.  An estimated 800,000 
    computers worldwide received the Goner worm, but the infection rate 
    remained relatively low, only 7 percent, or 56,000.  The clean up after 
    Goner is estimated to cost about $5 million, much less than the cost of 
      Code Red ($2.6 billion) and SirCam ($1 billion).  Mr. Erbschloe said 
    infection rates have dropped since Love Bug because anti-virus vendors 
    and corporations have moved to more automated processes for cleaning up 
    viruses.  (Source:  The New York Times, 7 December) 
    Microsoft has released Security Bulletin MS01-057, highlighting the 
    vulnerabilities of  Outlook Web Access (OWA), a service of Exchange 5.5 
    Server.  OWA allows users to access and manipulate messages in their 
    Exchange mailbox by using a Web browser.  According to Microsoft, OWA is 
    vulnerable to attack via the in-line script used to open messages and 
    execute functions on the server.  Essentially, an attacker might exploit 
    the script vulnerability to turn a user's Exchange mailbox against the 
    user by sending specially crafted messages back to the user, or by 
    sending, moving, or deleting the user's mail.  While it is possible for 
    a script to send a message as the user, it is impossible for the script 
    to send a message to addresses in the user's address book.  Thus the 
    flaw cannot be exploited for mass-mailing attacks.  In order for an 
    attacker to mount a successful attack, the intruder would need 
    knowledge of the intended victim's choice of mail clients and reading 
    habits.  If the maliciously crafted message were read in any mail client 
    other than a browser through OWA, the attack would fail.  Additional 
    information and a patch is available at
    <> . 
    (Source:  Microsoft Corporation, 6 December) 
    Government - According to Richard Clarke, special cybersecurity  adviser 
    for  President Bush, next month the federal government will begin 
    mapping the links between networks that control critical infrastructures 
    to help companies and government agencies react quickly to cyber and 
    physical threats.  The National Infrastructure Simulation and Analysis 
    Center will provide a map of all the interdependent telecom and IT 
    networks, gas pipelines, railroad systems and electric power lines.  The 
    map will help security analysts better understand the effect that one 
    part of the nation's infrastructure may have on another.  (Source: 
    Internet Week, 6 December) 
    The US House Science Committee voted to increase spending on high?tech 
    research by 10% per year over the next five years, and require 
    government agencies to coordinate their research efforts.  The Science 
    Committee also agreed to devote $105.7 million to new cyber-security 
    programs in fiscal year 2003, increasing each year to $229 million in 
    fiscal 2007.  The new funds would come on top of the roughly $60 million 
    the federal government currently devotes to network security.  (Source: 
      Reuter, 6 December) 
    US District Judge Royce Lamberth ordered the shut down an Indian trust 
    system to protect hundreds of millions of dollars in a government?run 
    trust fund for American Indians.  The emergency order came after a 
    report detailed how easily a court?appointed investigator was able to 
    hack into the accounting system at the Interior Department and 
    manipulate financial data.  The government computer system is 
    essentially a bank that manages $500 million a year in royalties from 
    land owned by 300,000 American Indians.   Judge Lamberth said that 
    Interior's system had no firewalls to prevent intrusions, systems to 
    detect hackers, or auditing methods to determine if account information 
    had been manipulated.  (Source:  Associated Press, 5 December) 
    International - Four members of the notorious hacker group "Spiders" 
    were arrested  by officers in Moscow.  When caught, the four were buying 
    goods from Internet stores using other people's plastic cards.  The 
    Spiders banded together two years ago and got hold of credit cards 
    through various channels.  After first revising the payment document 
    using the name of some itinerant, they would make expensive purchases in 
    Internet stores.  They exchanged information with like?minded people in 
    the West, notably passing on information about other people's plastic 
    cards to forgers.  Authorities estimate that the hackers committed more 
    than 70 thefts from stores to a total value of approximately $100,000. 
    (Source:  Moskovskiy Komsomolets, 6 December) 

    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:49 PDT