CRIME FW: NIPC Daily Report 03 Apr 02

From: George Heuston (GeorgeH@private)
Date: Wed Apr 03 2002 - 09:48:01 PST

  • Next message: George Heuston: "CRIME PRS Meeting, 5 April, after Spaf"

    NIPC Daily Report	03 April 2002
    
    The NIPC Watch and Warning Unit compiles this report to inform 
    recipients of issues impacting the integrity and capability of the 
    nation's critical infrastructures.
    
      US to issue more secure passports.  The State Department unveiled a 
    new "state-of-the-art" passport designed to prevent misuse of American 
    passports by terrorists.  Effective April 8, all newly issued US 
    passports will have enhanced security features, the most prominent being 
    the use of digital photos. For security reasons, the State Department 
    declines to elaborate on other enhancements. The technology needed to 
    issue the new passports is not yet available at US embassies and 
    consulates abroad, so overseas passport issuance is being transferred to 
    the National Passport Processing Center in Portsmouth, New Hampshire. 
    (CNN, 2 April)
    
    WWU Comment: With the seeming ease at which terrorists have been 
    falsifying official US documentation, this step toward a more secure 
    records procedure is a step in the right direction.  The possibility 
    does exist that the current official passports could still be in use by 
    terrorists and others that wish to do harm to the US.
    
    FTC Canada and some states join fight against Internet e-mail fraud. 
    The Federal Trade Commission (FTC), joined by the FBI and several state 
    and some Canadian agencies, is cracking down on spam and fraud on the 
    Web.  Sixty-three cases have been brought against Internet spammers in 
    the last six months.   The FTC said it will warnings against hundreds 
    more. "The FTC and its law enforcement partners are sending a signal to 
    scammers: We're out there surfing the Net, reading our spam and working 
    together to stop Internet scams," said J. Howard Beales III, director of 
    the FTC's Bureau of Consumer Protection. Called International Netforce, 
    the initiative is intended to stop the activities, freeze assets, and 
    press criminal charges against people and companies that commit fraud 
    over the Internet. (Computer World, 2 Apr)
    
    Spreading the safety net.  Spurred by the events of 11 September 2001, 
    some companies have been decentralizing their technical resources. 
    Business continuity can be strengthened through distribution - moving 
    information and computing power away from the central office so business 
    can get back up and running relatively quickly.  Distributing resources 
    to offsite locations also helps employees access the information and 
    applications they need during a disaster or business interruption. 
    Common forms of distribution for business continuity include offsite 
    storage, data backup, and distributed datacenters with processing power 
    available.   There are drawbacks to distribution.  Backups must be 
    accessible, and they must be tested to ensure information is being 
    recorded accurately.   Spreading resources too thin can also harm a 
    business continuity plan.   Over all, decentralization decreases the 
    risk of a single incident disrupting all business. (InfoWorld, 29 Mar 02)
    
    Guard takes part in security exercise. The Army National Guard took part 
    earlier this month in a homeland security exercise, providing its 
    intranet, known as GuardNet, to allow public safety agencies and 
    National Guard personnel to coordinate their response to simulated 
    terrorists acts in cities nationwide. GuardNet served as the backbone 
    for the Domestic Emergency Response Information Service, an information 
    portal for federal, state and local personnel responding to emergencies. 
    The service is designed to link first responders to existing information 
    resources and networks.  The exercise scenario allowed the responders to 
    "come as you are" with various technologies, from handheld devices to 
    laptops, and still be able to share information with one other and to 
    access their base resources.  The goal was to eliminate communication as 
    the hardship.  The biggest obstacle was working through the firewalls 
    and intrusion-detection systems of the various agencies, which took two 
    to three hours in some cases.  That time is expected to decrease as 
    collaboration and cooperation increase in the future.  (Federal Computer 
    Week, 01 Apr)
    
    DISA seeks detection system.  The Defense Information Systems Agency 
    last week announced plans to work with a civilian contractor to develop 
    a system to help detect, analyze and defend against cyberattacks across 
    Defense Department networks.  In a March 27 notice, DISA officials said 
    the department needed a system to "monitor and analyze the immense 
    amounts of computer traffic and detect the missions of hacker attacks 
    and denial-of-service attacks launched against DISA's Global Information 
    Grid daily." The grid includes unclassified and classified DOD networks 
    worldwide.  Numerous individual defense organizations already have 
    intrusion-detection systems on their networks, but DOD has only just 
    begun integrating such protection across the department. (Federal 
    Computer Week, 01 Apr)
    
    Windows Media Player vulnerability. Security experts believe malicious 
    virus writers who are now all but shut out of attacking another 
    Microsoft product, Outlook 2002, could soon target Windows Media Player. 
    They have discovered that the program allows malicious hackers to easily 
    bypass Outlook's new security features, which block delivery of 
    dangerous e-mailed attachments and turn off active scripting by default. 
    A downloadable security update from Microsoft adds the same protections 
    to Outlook 2000.  The experts say HTML-formatted e-mail containing code 
    identified as a file that Media Player "trusts" can be embedded in an 
    e-mail, which Outlook will then automatically allow the player to 
    execute.  "Bad guys will keep looking for a way into a system. If they 
    think Outlook is harder to get into, they'll try something else like 
    WMP," said Richard Forno, chief technology officer at Shadowlogic, said. 
    "They'll keep turning doorknobs until they can exploit something." 
    (Wired.com News, 27 Mar 02)
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:39:42 PDT