CRIME FW: NIPC Daily Report for 26 March 2002

From: George Heuston (GeorgeH@private)
Date: Tue Mar 26 2002 - 07:12:57 PST


    -----Original Message-----
    From: NIPC Watch
    To: Daily Distribution
    Sent: 3/26/02 6:02 AM
    Subject: NIPC Daily Report for 26 March 2002
    
    NIPC Daily Report	                           26 March 2002
    
    The NIPC Watch and Warning Unit compiles this report to inform 
    recipients of issues impacting the integrity and capability of the 
    nation's critical infrastructures.
    
    Guards and security firm to withdraw from airports. National Guard 
    troops are being phased out at the passenger checkpoints at O'Hare 
    International Airport, and a security company involved in airport 
    breaches nationwide will be gone from the airport by the end of the 
    month, federal officials said on 21 March. The Guard troops that have 
    been stationed at O'Hare and Midway Airports since the 11 September 
    terrorist attacks are being shifted in phases to other duties. Their 
    role is expected to be filled temporarily by local law-enforcement 
    agencies. The redeployment, which began this month and will be completed
    by the end of May, is part of a move by the Transportation Security 
    Administration to eventually replace private security screeners and 
    military personnel at the nation's airports with an all-federal 
    workforce. To bridge the gap as it scrambles to fill the jobs, the 
    agency has relied on temporary measures, including expanding the use of 
    the private security firms that have been staffing airport checkpoints. 
    (Chicago Tribune, 22 Mar)
    
    Ridge says Redstone not a target. Tom Ridge, Director of Homeland 
    Security, says residents of Huntsville, Alabama have no cause to be 
    alarmed that the nearby Redstone Arsenal could be a terrorist target. 
    Despite the arsenal's lead role in developing the Army's missile 
    defenses, "there's not been any indication right now that that 
    particular facility" is the subject of such a threat, Ridge said. 
    Redstone Arsenal has been on security level Charlie, the second-highest 
    military alert level, since 11 September, said Bob Hunt, spokesman for 
    the Army's Aviation and Missile Command on Redstone. (Associated Press 
    and Huntsville Times, 21 Mar)
    
    Congressman says nation's nuclear power plants susceptible to 
    terrorists. Intelligence gathered by US agencies indicates that Usama 
    bin Laden's al Qaeda network may be plotting a nuclear plant attack and 
    Massachusetts Representative Edward Markey asserts that the Nuclear 
    Regulatory Commission has not sufficiently improved security since the 
    terrorist attacks.  In his report, "Security Gap: A Hard Look at the 
    Soft Spots in Our Civilian Nuclear Reactor Security," Markey takes aim 
    at the vetting process nuclear plants use to screen employees' 
    background, claiming that the NRC doesn't check workers for possible 
    terrorist ties. He also raises concerns that nuclear plants are not 
    adequately protected against an intentional direct hit from a hijacked 
    aircraft, and that such a strike could cause substantial damage and 
    result in multiple-failure events. Markey criticized the NRC for 
    refusing to deploy military anti-aircraft installations around nuclear 
    plants to shoot down threatening planes. (Associated Press, Reuters, 
    Washington Post, 25 Mar)
    
    Terrorism fears push Md. toward wider police power. Maryland's House of 
    Delegates is preparing to pass anti-terrorism legislation that would 
    dramatically expand police ability to tap phones and eavesdrop on the 
    e-mail and Internet activity of suspected criminals. Most of what is 
    occurring involves a localized repackaging of federal anti-terrorism 
    laws, passed by Congress in October as the USA-Patriot Act. Like the 
    Patriot Act, proposals in Maryland permit law enforcement officials to 
    get court orders to retrieve records of e-mails and other electronic 
    communications, not just telephone records. Maryland's proposal would 
    also expand police ability to tap phones by allowing investigators to 
    plant a listening device indefinitely, not just 30 days. It would, for 
    the first time, permit use of a "roving wire tap" to record a suspect's 
    conversations on multiple phones with a single warrant. It would also 
    allow a judge to seal search warrants for up to a year. (Washington 
    Post, 25 Mar)
    
    OS X can bypass PDF security.  Mac OS X's Preview application can bypass
    all the security settings in a PDF file.  By opening an encrypted PDF in
    Preview, it is possible to re-save it as a new PDF but without the 
    original security settings.  A PDF file with original disabled 
    permissions to copy, print, change or extract data from the file can be 
    opened and saved via 'Print in Preview' and 'Save As File.'  The problem
    lies not with PDF, but with Preview.  Once the document has been opened 
    and decrypted successfully, the viewer application has access to the 
    entire contents of the document. (MacUser, 22 Mar)
    
    WWU Analytical Comment: This highlights a security problem that crosses 
    all operating systems and applications. The combination of different 
    operating systems, applications, and data types creates security 
    vulnerabilities that are multiplied in nature.  Example: A 
    "single-vulnerability" application run across three "zero-vulnerability"
    operating systems, creates not just the one application weakness, but 
    three separate security issues.
    
    Police slam Heathrow security after million dollar heists. On 20 March, 
    thieves escaped with over NZ$7.5 million in cash that had arrived on a 
    South African Airways flight after hijacking a security van in a 
    supposedly secure part of the airport.  The raid mimicked a similar 
    heist last month when robbers escaped with NZ$15.5 million in foreign 
    currency after targeting a British Airways security van.  In both cases 
    the thieves would have needed special "airside" identification cards to 
    have entered secure areas.  In the past few months there have been a 
    number of security failures exposed at international airports. On 
    Wednesday a magazine reported that German police had smuggled guns and 
    explosives past airport security in tests at continental Europe's 
    busiest hub, Frankfurt International. (Reuters, 22 Mar)
    
    Cocaine found on jet food cart; discovery raises fears about security. 
    Investigators found $4 million worth of cocaine in a food service cart 
    that came off an American Airlines flight at Miami International Airport
    last Thursday, exposing a vulnerable spot in airport security.  The 
    discovery points to flaws in the transportation security system:  the 
    easy access that food service operations and other support services 
    provide to smugglers and terrorists.  Currently, there is no security in
    place during food preparation, transportation of food, and loading of 
    the food onto planes. (Sun-Sentinel, 22 Mar)
    
    Guns and knives got through airport.  The Transportation Department 
    Inspector General found airport security screeners on several dozen 
    occasions failed to catch guns and simulated explosives. According to 
    the IG's report, screeners missed knives 70 percent of the time, guns 30
    percent of the time, and simulated explosives 60 percent of the time. 
    The security system tests were conducted at 32 airports while screening 
    checkpoints were still supervised by the airline industry with oversight
    by the Federal Aviation Administration.  Former FAA security chief 
    Billie Vincent said the report was not surprising, considering the 
    checkpoints were staffed by the same low-paid, poorly trained screeners 
    who were there before 11 September.  (Associated Press, 25 Mar)
    
    WWU Analytical Comment: The three airport security articles above 
    illustrate how the skill and motivation of low-paid security staff 
    impact security.  The high-profile concern of low-paying security 
    positions has not been extended to include catering, custodial, or 
    baggage handling services.  Despite tougher security measures introduced
    since 11 September, planes remain vulnerable to terrorism because of 
    human error and lax attitudes towards security in non-security 
    occupations.  The security at any domestic airport is at risk to the 
    extent of vulnerabilities at any other airport worldwide.
    
    Russian university trains anti-hacking security experts. Russian 
    counterintelligence agents say that there is a shortage of high-class 
    computer security experts in the region.  Special departments have been 
    set up this year at two Omsk higher education establishments to train 
    such experts.  The length of study here is longer than the norm - six 
    years.  The students are getting unique knowledge in the area of 
    cryptography, system programming and security-force secrets.  Alexander 
    Guts, head of the computer security department, Omsk State University: 
    "The main thing for us is to train experts who are capable of protecting
    our information resources. At the same time, we must do everything to 
    ensure that no hackers appear among our students." (BBC, Text of report 
    by Russian Centre TV on 20 Mar)
    
    WWU Analytical Comment: This article illustrates three important 
    concerns for computer security professionals.  First, the continued 
    existence and growing expertise of malicious programmers from Russia and
    the former Soviet Union.  The increasing use of organized attacks and 
    grid-computing create formidable challenges for system administrators. 
    Second, the length of this course is unprecedented.  The quantity and 
    probable quality of a curriculum this long should produce extremely 
    skilled personnel.  That is the third area of concern.  Despite the 
    school's best intentions, at least part of the student body  will be 
    comprised of terrorist operatives or others willing to act as 
    "cyber-mercenaries" for the highest bidder.  To attain a sophisticated 
    computer attack capability, terrorist organizations and hostile 
    governments likely would be more than willing to invest in six years of 
    training.
    
    Four Pakistanis missing after INS wrongly let them enter US.  Federal 
    officials are on the lookout for four Pakistani nationals who are in the
    US illegally after leaving a Malta-chartered freighter in Norfolk, 
    Virginia.  The ship was carrying a chemical commonly used in fertilizer,
    when it made port on 15 March.  The INS screened the crew list the day 
    before the ship arrived in Virginia. The names were also run through a 
    joint CIA-FBI counter-terrorism database, an international criminal 
    database, and a French criminal database.  No matches came up. On 22 
    March, an INS inspector granted the four Pakistanis "shore leave visa 
    waivers," which allowed them to come ashore even though they had not 
    been granted visas for entry into the US. The men told the INS inspector
    that they did not have any family in the area and that they were veteran
    merchant mariners. On 24 March, the freighter captain reported to the 
    INS inspector that the four Pakistanis had not returned to the ship. 
    (Fox News, 23 Mar)
    
    WWU Analytical Comment: This article highlights the ease with which 
    individuals can enter the US by way of cargo ship and even the shipping 
    containers they carry (NIPC Daily Report 5 Feb 02).  The Coast Guard, 
    INS, and Customs have long struggled to counter this form of illegal 
    entry.  Unfortunately, this is not an isolated incident.
    
    Bioterrorism experts head to Atlanta.   Hundreds of health officials 
    descended on Atlanta this week for an annual conference on emerging 
    infectious diseases and were warned that terrorists might try to spread 
    deadly germs through the food supply.  According to experts from the 
    Centers for Disease Control and Prevention, terrorists could try to make
    the biological attack even more dangerous by taking down critical 
    communications systems.  To guard against attack, the CDC is 
    distributing $918 million to state and local health departments later 
    this year and next year. The CDC is encouraging them to give priority to
    upgrading labs and training health workers on how to recognize diseases 
    like anthrax and smallpox.  (Washington Post, 25 Mar)
    


