-----Original Message----- From: NIPC Watch To: Daily/Warning Distribution Sent: 12/14/01 7:16 AM Subject: NIPC Daily Report, 14 December 2001 NIPC Daily Report 14 December 2001 NOTE: Please understand that this is for informational purposes only and does not constitute any verification of the information contained in the report nor does this constitute endorsement by the NIPC or the FBI. This report offers interested readers situational awareness of issues impacting the integrity and capability of the nation's critical infrastructures. The NIPC Watch and Warning Unit will provide current and relevant information about actual or potential threats to the critical infrastructures, as necessary. Developments - Several antivirus firms are warning about Gokar, a new worm that uses Internet relay chat application mIRC and Microsoft Outlook to propagate. The Asian office of Trend Micro, which appears to be the first antivirus firm to issue a customer warning about Gokar, says the virus is 14,366 bytes long, and executes on Win 95/98/NT/2000 and ME platforms. Gokar is detectable. Generally, if the virus is present then an associated file called karen.exe appears in the main Windows directory. Trend Micro says if the infected machine is working as a Web server, the worm will modify the Internet Information Server starting page to offer Web.exe as a downloadable file to all visits to the web site. (Newsbytes, 13 December) Security experts have identified a security hole in operating systems manufactured by Sun and IBM that could allow hackers to take control of networks running those softwares. The hole affects the "login" program on all versions of Sun Solaris, and on versions 4.3 and 5.1 of IBM's AIX. Internet Security Systems published details of the vulnerability after learning that instructions for exploiting the security hole were circulating on the Web. (Newsbytes, 13 December) Transportation - In a list of recommended preventative security measures sent to Transportation Secretary Norman Maneta, the aviation industry proposes the government scrutinize persons buying or renting an aircraft with the names appearing on law enforcement "watch lists". The industry also recommends reviewing records of US pilots to make sure they are not members or supporters terror groups, and verifying the identification and credentials of pilots and would?be pilots of small planes. (CNN, 13 December) Rep. John Cooksey, R-La, has proposed a bill (H.R. 3432) that would require the Coast Guard to place Sea Marshals at the nation's 20 most vulnerable ports. The legislation, if passed, would allow the hiring of 1,000 new Sea Marshals. (Government Executive, 13 December) A shortage of trained security personnel forced the shutdown of a US Airways terminal at Boston's Logan International Airport on 13 December. Massachusetts Port Authority (Massport) spokesman Phil Orlandella said that the Federal Aviation Administration (FAA) had notified state police at the airport that one of the US Airways checkpoints was inadequately staffed. "That prompted us to take precautions and evacuate the US Airways," Orlandella said. The checkpoint was staffed by Argenbright Security, which is scheduled to halt operations at all Massport properties on 14 December because of several other security lapses at Logan. (CNN, 13 December)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:37:37 PDT