CRIME NIPC DAILY REPORT FOR 4 MARCH 2002

From: George Heuston (GeorgeH@private)
Date: Mon Mar 04 2002 - 07:33:43 PST

  • Next message: Mary Mack: "CRIME Managed external security"

     
    -----Original Message-----
    From: NIPC Watch
    To: Daily Distribution
    Sent: 3/4/02 5:04 AM
    Subject: NIPC DAILY REPORT FOR 4 MARCH 2002
    
    NIPC Daily Report	                         04 March 2002
    
    The NIPC Watch and Warning Unit compiles this report to inform 
    recipients of issues impacting the integrity and capability of the 
    nation's critical infrastructures.
    
    Shadow government is at work in secret.  President Bush has dispatched a
    
    shadow government of about 100 senior civilian managers to live and work
    
    secretly outside Washington, activating for the first time long-standing
    
    plans to ensure survival of federal rule after catastrophic attack on 
    the nation's capital. Execution of the classified "Continuity of 
    Operations Plan" resulted from heightened fears that the al Qaeda 
    terrorist network might obtain a portable nuclear weapon.  US 
    intelligence has no specific knowledge of such a weapon, but the risk is
    
    thought great enough to justify the shadow government's disruption and 
    expense. Only the executive branch is represented in the full-time 
    shadow administration. The other branches of constitutional government, 
    Congress and the judiciary, have separate continuity plans but do not 
    maintain a 24-hour presence in fortified facilities.  (Washington Post, 
    1 Mar)
    
    Electric power system called vulnerable.  Computers that control 
    electric power systems around the country have been probed from the 
    Middle East, and terrorists may have inspected physical equipment, say 
    experts at a conference on electric systems security. Government experts
    
    identified nuclear power plants as perhaps the most attractive targets, 
    but said dams, gas pipelines and oil refineries were not far behind. 
    Federal officials urged companies that generate, transmit and distribute
    
    electricity to take steps to increase security. (New York Times, 28 Feb)
    
    Digital signature technology wins agency seal of approval.  Energy 
    Secretary Spencer Abraham sent President Bush his formal recommendation 
    to use Yucca Mountain as a nuclear-waste storage site, using digital 
    signature technology, the equivalent of a fingerprint that authenticates
    
    the owner of an online document.  Sending the 9,500-page document 
    electronically saved the department nearly $1 million in copying costs. 
    The Electronic Signatures in Global and National Commerce Act, signed 
    into law in July 2002, is a federal mandate for online contracts and 
    signatures.   (Washington Post, 1 Mar)
    
    University lab security checked.  Federal investigators from the 
    Department of Health and Human Services are examining university labs 
    across the country for vulnerabilities to hackers or thieves who are 
    looking for potential bioterrorist weapons.  The inspections were 
    prompted by concern that poor security at one or more biological 
    laboratories may have contributed to the still-unsolved anthrax attacks.
    
    The inspections focus on physical security, such as the potential for 
    unauthorized people to obtain hazardous material, as well as information
    
    technology, including information stored on computers and whether it's 
    accessible from the university's main systems.  (Associated Press, 1
    March)
    
    Travelers support ID cards, sharing info.  The US public seems prepared 
    to embrace even more extreme measures to ensure safety.  Travelocity.com
    
    polled 3,400 members who had traveled since 11 September, 76 percent of 
    frequent travelers reported that they would support the implementation 
    of a "Trusted Traveler" identification card that stores information such
    
    as their photo, fingerprints, personal history, facial and retinal scans
    
    and travel history. Seventy percent of the frequent travelers polled 
    said that they strongly support granting federal law enforcement 
    officials access to all their travel reservations booked through 
    agencies and other suppliers.  (IDG News, 28 Feb)
    
    Flaw weakens Linux security software.  Programmers have found a flaw in 
    a component of  Netfilter firewall software that could grant malicious 
    users access to protected networks.  The vulnerability affects versions 
    2.4.14 through 2.4.18pre-9 of the Linux kernal.  The flawed component is
    
    involved when two computer users chat directly with each other using the
    
    Internet Relay Chat (IRC) system. The flawed software isn't installed by
    
    default on Red Hat versions 7.1 and 7.2.  Red Hat has issued a patch 
    that corrects the problem. (CNET News, 28 Feb)
    Bill gives government greater access to e-mail. If a bill approved by 
    the House Judiciary Committee becomes law, any government entity--not 
    just law enforcement agencies--will be able to receive e-mail and other 
    electronic communications without a court order, so long as a service 
    provider believes an emergency requires its disclosure without delay. 
    The measure is part of a larger initiative aimed at reducing 
    computer-related crime.  (eWeek, 28 Feb)
    
    Agency raises the bar on tech security. The Center for Internet 
    Security, a non-profit computer-security think-tank, has released free 
    software that finds network vulnerabilities and common security holes. 
    The center also makes available a tool designed to bring an operating 
    system in compliance with established security benchmarks. (USA TODAY, 
    28 Feb)
    
    Cyber Security Enhancement Act to be re-written. Citing the possibility 
    of terrorists wreaking havoc electronically, the House Judiciary 
    subcommittee on crime voted 8-0 to expand the types of hacking crimes 
    that would be punished by life imprisonment.  (Wired News, 28 Feb)
    
    Vendors meet roadblocks in the war on terrorism.  Vendors claim they 
    have solutions that can help with homeland security, but the lack of a 
    government-wide decision authority prohibits their implementation.  The 
    federal government doesn't have a CIO that is empowered to make 
    government-wide decisions on IT strategies, and the one agency charged 
    with homeland security doesn't have the authority to make budget 
    decisions. (InformationWeek, 28 Feb)
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:39:08 PDT