-----Original Message----- From: Goerling, Richard J. LT (TAD to CGIC Portland) [mailto:RIGoerling@private] Sent: Friday, December 07, 2001 7:53 AM To: 'CCBIG-FAC'; 'CRIME-A'; 'NW-IPG ListServe' Subject: [Nw-ipwg] FW: NIPC Daily Report, 7 December 2001 -----Original Message----- From: NIPC Watch [ mailto:nipc.watch@private <mailto:nipc.watch@private> ] Sent: Friday, December 07, 2001 6:51 AM To: Daily/Warning Distribution Subject: NIPC Daily Report, 7 December 2001 NIPC Daily Report 7 December 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. Private Sector - According to Michael Erbschloe, vice president of research for Carlsbad, California-based Computer Economics, a company that analyzes the economic impact of viruses, the repercussions of the Goner A virus should turn out to be minimal. An estimated 800,000 computers worldwide received the Goner worm, but the infection rate remained relatively low, only 7 percent, or 56,000. The clean up after Goner is estimated to cost about $5 million, much less than the cost of Code Red ($2.6 billion) and SirCam ($1 billion). Mr. Erbschloe said infection rates have dropped since Love Bug because anti-virus vendors and corporations have moved to more automated processes for cleaning up viruses. (Source: The New York Times, 7 December) Microsoft has released Security Bulletin MS01-057, highlighting the vulnerabilities of Outlook Web Access (OWA), a service of Exchange 5.5 Server. OWA allows users to access and manipulate messages in their Exchange mailbox by using a Web browser. According to Microsoft, OWA is vulnerable to attack via the in-line script used to open messages and execute functions on the server. Essentially, an attacker might exploit the script vulnerability to turn a user's Exchange mailbox against the user by sending specially crafted messages back to the user, or by sending, moving, or deleting the user's mail. While it is possible for a script to send a message as the user, it is impossible for the script to send a message to addresses in the user's address book. Thus the flaw cannot be exploited for mass-mailing attacks. In order for an attacker to mount a successful attack, the intruder would need knowledge of the intended victim's choice of mail clients and reading habits. If the maliciously crafted message were read in any mail client other than a browser through OWA, the attack would fail. Additional information and a patch is available at http://www.microsoft.com/technet/security/bulletin/ms01-057.asp <http://www.microsoft.com/technet/security/bulletin/ms01-057.asp> . (Source: Microsoft Corporation, 6 December) Government - According to Richard Clarke, special cybersecurity adviser for President Bush, next month the federal government will begin mapping the links between networks that control critical infrastructures to help companies and government agencies react quickly to cyber and physical threats. The National Infrastructure Simulation and Analysis Center will provide a map of all the interdependent telecom and IT networks, gas pipelines, railroad systems and electric power lines. The map will help security analysts better understand the effect that one part of the nation's infrastructure may have on another. (Source: Internet Week, 6 December) The US House Science Committee voted to increase spending on high?tech research by 10% per year over the next five years, and require government agencies to coordinate their research efforts. The Science Committee also agreed to devote $105.7 million to new cyber-security programs in fiscal year 2003, increasing each year to $229 million in fiscal 2007. The new funds would come on top of the roughly $60 million the federal government currently devotes to network security. (Source: Reuter, 6 December) US District Judge Royce Lamberth ordered the shut down an Indian trust system to protect hundreds of millions of dollars in a government?run trust fund for American Indians. The emergency order came after a report detailed how easily a court?appointed investigator was able to hack into the accounting system at the Interior Department and manipulate financial data. The government computer system is essentially a bank that manages $500 million a year in royalties from land owned by 300,000 American Indians. Judge Lamberth said that Interior's system had no firewalls to prevent intrusions, systems to detect hackers, or auditing methods to determine if account information had been manipulated. (Source: Associated Press, 5 December) International - Four members of the notorious hacker group "Spiders" were arrested by officers in Moscow. When caught, the four were buying goods from Internet stores using other people's plastic cards. The Spiders banded together two years ago and got hold of credit cards through various channels. After first revising the payment document using the name of some itinerant, they would make expensive purchases in Internet stores. They exchanged information with like?minded people in the West, notably passing on information about other people's plastic cards to forgers. Authorities estimate that the hackers committed more than 70 thefts from stores to a total value of approximately $100,000. (Source: Moskovskiy Komsomolets, 6 December)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:49 PDT