CRIME NIPC Watch Daily Report 22 May 2002

From: George Heuston (GeorgeH@private)
Date: Wed May 22 2002 - 08:00:17 PDT

  • Next message: Mark Wills: "RE: CRIME Virus list"

    SQL worm squirms through servers. A new worm that targets Microsoft SQL 
    Server software has begun squirming through the Internet, experts said 
    on 21 May. Called DoubleTap by vulnerability analysis firm 
    SecurityFocus, the worm has already managed to infect 1,600 servers that
    
    run the software, said Elias Levy, chief technology officer for the San 
    Mateo, California, company. Despite the spread, Levy added that the 
    virus shouldn't pose too much of an overall threat. "We don't expect it 
    to become widespread," he said. The self-propagating program has also 
    been named Spida.a.worm by antivirus firms Symantec and Network 
    Associates and has been labeled SQLSnake by the Systems Administration 
    Networking and Security (SANS) Institute. It has been infecting servers 
    since 20 May. (CNET News, 21 May)
    
    Comment: The NIPC is closely monitoring both variants of this worm and 
    will advise of changes in its status as necessary. Major U.S. anti-virus
    
    vendors are rating this worm as Low and have removal instructions posted
    
    on their Web sites.
    
    Airline Association: Post 11 September trans-atlantic air traffic down 
    22.6 percent, slowly returning to previous levels. The 28-member 
    Association of European Airlines reports scheduled air traffic between 
    the U.S. and Europe is down 22.6 percent for the period since the 
    terrorist attacks compared to a year earlier. Traffic across the North 
    Atlantic, key to the financial health of major airlines, is off by 
    almost 31 percent compared to the same period in 2000. Since 1 January 
    the decrease narrowed to 14.9 percent. In the week ending 12 May, the 
    last for which the association had figures, traffic was off by 10.1 
    percent compared for the same week the year before. (Associated Press, 
    21 May)
    
    Certification deadline draws near. In an effort to improve the security 
    of the commercial software it buys, the Defense Department beginning in 
    July will prohibit the military services from purchasing information 
    assurance products that have not met a third-party security evaluation. 
    Under the rule, DOD will not buy commercial software that has not yet 
    been certified by the National Information Assurance Partnership (NIAP).
    
    The group formed by the National Security Agency and the National 
    Institute of Standards and Technology is not directed at only 
    information assurance products, such as firewalls or intrusion-detection
    
    systems, but also at "information assurance-enabled products" such as 
    Web browsers, operating systems and databases. (Federal Computer Week, 
    21 may)
    
    State Department virus exposes system flaw anyone could have sent 
    messages to U.S. travel warning list. The recent computer virus that the
    
    State Department sent out last week was sent to an e-mail list devoted 
    to travel warnings. This exposed a larger shortcoming in the agency's 
    security. The State Departments list was set up to allow anyone to send 
    a message to all recipients --including journalists, foreign diplomats, 
    and overseas nationals. The virus proved it would have been easy for 
    someone to send out a fake global travel warning in the name of the 
    State Department. (MSNBC, 21 May)
    
    Hackers still ahead of IT departments. Hackers Still Ahead of Security 
    Gurus Hackers are still at least one step ahead of even the best funded 
    and most sophisticated IT departments in the world. Hackers, at least 
    for the moment, are way ahead of corporate IT departments, and are even 
    outpacing the top cybercrime fighters in federal law enforcement. "A lot
    
    of people depending on the Internet for commerce are putting their 
    privacy at risk," Electronic Privacy Information Center (EPIC) director 
    Marc Rotenberg told NewsFactor. Indeed, it seems they are risking more 
    than just their privacy -- consumers are putting their most critical 
    data within reach of elusive cyber thieves. (NewsFactor.com, May 21)
    



    This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:43:24 PDT