-----Original Message----- From: NIPC Watch To: Daily Distribution Sent: 3/8/02 4:47 AM Subject: NIPC DAILY REPORT FOR 8 MARCH 2002 NIPC Daily Report 08 March 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures. Computer virus infections continue to climb. US corporations continue to experience a steady increase in the number of security incidents involving computer viruses and worms. ICSA Labs' 7th annual survey of 300 North American organizations found nearly 1.2 million incidents involving destructive computer code on approximately 666,327 machines during the 20 months from January 2000 through August 2001. (Newsbytes, 6 Mar) US to curb computer access by foreigners. Sparked by heightened security concerns, the Defense Department has begun laying the groundwork to ban non-US citizens from a wide range of computer projects. The planned policy, to be adopted 90 days, extends restrictions on foreign nationals handling secret information to "sensitive but unclassified positions," which includes the swelling numbers of contract workers who process paychecks, write software, track supplies and maintain e-mail systems. The move comes amid a growing awareness of the vulnerability of government computer systems in an era when software espionage and malicious hacking have become commonplace. (LA Times, 7 Mar) Agencies outline security changes. Federal agencies are reviewing old security programs and kicking off new ones in response to deficiencies discovered during self-assessments required by Congress. Energy and Defense department officials outlined several major changes in their information security policies and practices as they testified before a hearing of the House Government Reform Committee's Government Efficiency, Financial Management and Intergovernmental Relations Subcommittee. The changes include system certification, employee training and policy compliance programs. (FCW, 7 Mar) US would ensure backup systems for GPS. A September Transportation Department report warned that users of GPS technology should be prepared for outages, and advised keeping ground-based navigation aids on line to back-up GPS systems. The study also found that the relatively weak GPS signal is vulnerable to tampering and unintentional disruption from atmospheric effects. Transportation Secretary Norman Mineta said that the department would maintain partnership with the Pentagon to modernize satellite navigation systems used in civil transportation. The department also plans to study GPS applications over the long term, and obtain new technology to prevent jamming or other intentional interference. (Reuters, 7 Mar) Spies can exploit computer lights and monitor glow. By monitoring the flashing lights on electronics equipment and the indirect glow from monitors, scientists have discovered ways to remotely eavesdrop on computer data. The two methods are relatively simple to carry out, but also easy to prevent, according to scientific papers written by researchers in the United States and Britain. One study details how flickering light from a common screen reflected off a wall can reveal whatever appears on the screen of a PC monitor. Computer users who rely on external modems with blinking lights to connect to the Internet are also vulnerable. Dial-up modems running at up to 56 kilobits per second are at risk. Higher-speed connections using cable modems or digital phone lines appear safe. (Reuters, 8 Mar) Gibe worm poses as a Microsoft update. What appears to be a new security update from Microsoft is actually a clever attempt by a virus writer to spread a worm. Gibe (w32.gibe@mm) is a non-destructive worm written in Visual Basic that attempts to mass-mail itself to everyone in an address book. Fortunately, the infected e-mail is plagued with spelling errors and should be easy to spot. Gibe may be altered to introduce a backdoor Trojan horse that could allow malicious users into a PC. Alert users who monitor their systems with a firewall may notice unusual traffic on port 12387 as a result of Gibe. (ZDNet, 7 Mar)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:39:14 PDT