CRIME NIPC DAILY REPORT: 07 MAY, 02

From: George Heuston (GeorgeH@private)
Date: Tue May 07 2002 - 09:47:46 PDT

  • Next message: eric.kornberg@private: "RE: CRIME catastrophic Hard Drive Data Recovery Options?"

    NIPC Daily Report  7 May 2002
    
    The NIPC Watch and Warning Unit compiles this report to inform 
    recipients of issues impacting the integrity and capability of the 
    nation's critical infrastructures.
    
    Deceptive Duo hacking continues. A group of hackers calling themselves 
    the Deceptive Duo continues to penetrate government, banking, 
    technology, and other business computer systems. They have breached the 
    systems in two ways; first they use default passwords in Microsoft SQL 
    servers which haven't been changed by system administrators. 
    Securityfocus.com reports that there has been a recent increase in the 
    number of incidents involving port 1433, the default port used by 
    Microsoft SQL Server. Secondly, a NetBIOS brute force attack, a method 
    in which hackers repeatedly try to guess passwords to gain entry into a 
    system, could exploit the NetBIOS protocol and allow access to sensitive 
    data. Statements by the group indicate that these types of attacks will 
    continue. The group has claimed that "We plan on exercising Stage 1 for 
    about 3-4 more months. This is a long-term situation for us." (Multiple 
    Sources)
    
    Cyberspace full of terror targets. Government and private computer 
    networks are facing new threats of terrorist attacks, ranging from an 
    attempt to bring havoc to a major city to nationwide disruptions of 
    finances, transportation and utilities. Individuals with knowledge of 
    national intelligence briefings say little has been done to protect 
    against a cyberattack. Threats come from individuals who might have 
    connections to Osama bin Laden's al-Qaeda network in Pakistan and 
    elsewhere. An 18 April meeting of government intelligence and 
    information-technology officials discussed protecting the nation's 
    computer networks. Officials are most concerned that a Cyber-attack 
    could be coupled with a conventional terrorist attack. (USA Today, 6 May)
    
    
    Iraqi cabinet votes to end oil embargo. The Iraqi cabinet voted on 6 May 
    to resume oil exports beginning midnight, 7 May, after failing to win 
    support from Arab countries in effort to initiate an oil embargo against 
    the US and other allies of Israel. The cabinet admitted its 8 April 
    decision to suspend oil exports for 30 days "did not find the desired 
    response from its Arab brothers to take similar measures". (Associated 
    Press, 6 May)
    
    Plans urged for dealing with "dirty bombs". A report prepared by the 
    Center for Strategic and International Studies for the Metropolitan 
    Washington Council of Governments, concludes that emergency service 
    organizations must develop plans to protect initial responders from 
    radiation, stagger rescue crews to prevent overexposure, and ensure that 
    protective gear and equipment can be rushed in from regional sources. It 
    also suggests that authorities consider ways to quickly exercise 
    emergency powers to prevent panic and recommends disseminating 
    information in advance to educate the media and the public about the 
    risks. The center's study is based on the assumption that an attack with 
    a "dirty bomb" is more likely than the detonation of a stolen nuclear 
    device, the release of smallpox, or an attack on a nuclear power plant. 
    (Washington Post, 4 May)
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:43:01 PDT