The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures. Better management key to fighting cyber attacks. The Federal Computer Incident Response Center (FedCIRC) is developing a "secure collaboration" capability that would enable agencies to share sensitive information in a near real-time environment, through secure chat rooms and other online forums. FedCIRC is also working to develop a "patch authentication" capability that would help federal agencies determine which software patches would be the most useful for fixing specific vulnerabilities in their systems. (National Journal's Technology Daily, 3 Apr) NIST guides target e-mail, patches. The National Institute of Standards and Technology (NIST) released new draft guidance for dealing with two of the most common sources of security breaches: poorly configured e-mail servers and the failure to apply software patches. The NIST e-mail guide is intended for systems administrators who are responsible for installing, configuring and maintaining e-mail servers and clients. The NIST patch guide is intended for both managers and systems administrators. Additionally, the federal government has several efforts underway to help agencies apply the patches they need, including a new program available through the General Services Administration's Federal Computer Incident Response Center. (Federal Computer Week, 4 Apr) WWU Comment: The above two articles illustrate how committed the government is to ensure the security and integrity of securing its systems. FedCIRC's development of an automated patch authentication would greatly reduce the number of easily applied fixes, freeing up the systems administrators to pursue other, more detailed avenues of system security in order to maintain compliance. Two- way pagers fight terrorism. The surprisingly low-tech devices are working well in two test locations, giving bicycle and foot patrols the same technological reach that has been in squad cars for years. Getting the devices into the hands of policemen at airport checkpoints is critical, because only government public safety officers can access the various criminal databases. Private security officers cannot. Ten of the devices have been in use at Boston's Logan Airport since January and within a few days, police walking around the Logan parking lot identified 11 stolen cars with them. (MSNBC, 3 Apr) WWU Comment: Concerns over wireless security are secondary to the major benefits of this system. The speed of information transfer and the ability to get information to bicycle or foot patrols is a major step forward. Law enforcement's biggest advantage is the ability to increase personal contact with the public, while still maintaining access to critical database information. Simple measures such as routine questioning or traffic-stops have proven beneficial in deterring or uncovering criminal or terrorist activity. Wireless priority system given a 'go.' The Federal Communications Commission (FCC) has granted a temporary waiver to VoiceStream, enabling the company and the government to launch a wireless priority access service (PAS) for use during emergencies. The new system will be part of the White House's National Communications System (NCS), and will eventually be expanded nationwide to include more carriers. Its purpose is to ensure that mobile telephone calls from national security and emergency personnel will be connected regardless of the amount of traffic on the system. The pilot program will begin in in New York City and Washington, DC in May. (Federal Computer Week, 4 April)
This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:39:43 PDT