CRIME FW: NIPC Daily Report 27 June, 2002

From: George Heuston (GeorgeH@private)
Date: Thu Jun 27 2002 - 09:05:48 PDT

  • Next message: Crispin Cowan: "Re: CRIME Secure Programming HOWTO"

    OpenSSH vulnerability.  The NIPC is aware of a vulnerability in OpenSSH
    version 3.3 and below.  Users are strongly encouraged to visit
    http://www.openssh.com/ <http://www.openssh.com/>  to obtain and install
    version 3.4 of this product.   Additional information on this issue is
    available at:
    
    Internet Security Systems
    OpenSSH Remote Challenge Vulnerability
    http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584
    <http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584
    > 
    
    OpenSSH
    OpenSSH Security Advisory
    http://www.openssh.com/txt/preauth.adv
    <http://www.openssh.com/txt/preauth.adv> 
    
    Computer crime incidents may be reported online at
    http://www.nipc.gov/incident/cirr.htm
    <http://www.nipc.gov/incident/cirr.htm> 
    
    Cyber attacks by al Qaeda feared by US.  According to US officials, the
    potential exists for the compromise of digital devices that allow remote
    access of Distributed Control Systems (DCS) and Supervisory Control and
    Data Acquisition Systems (SCADA).  The simplest of these devices collect
    measurements, throw railway switches, close circuit breakers, or adjust
    valves in the pipes that carry water, oil, and gas.  More complicated
    versions of these type of devices sift incoming data, govern multiple
    devices, and control other areas of the infrastructure.  Recently,
    evidence has been discovered that al Qaeda operators have spent time on
    Web sites that offer software and programming explanations for the
    digital switches that run power, water, transport and communications
    grids.  By disabling or taking command of floodgates in a dam or a
    sub-station handling electric power, analysts believe an intruder could
    use cyber tools to disrupt/destroy critical infrastructures.  It is
    surmised that terrorists may combine these techniques, synchronized with
    physical acts of terrorism. (Washington Post, 26 Jun)
    
    SEC Charges WorldCom with fraud.  The Securities and Exchange Commission
    charged WorldCom Inc., the nation's second-largest long-distance
    telephone company, with defrauding investors by improperly accounting
    for $3.9 billion in expenses during 2001 and the early part of this
    year. "In a scheme directed and approved by its senior management,
    WorldCom disguised its true operating performance by using undisclosed
    and improper accounting" that made the company appear more profitable
    than it was, the SEC stated in a suit filed in U.S. District Court in
    New York. (Washingtonpost.com, 27 Jun)
    
    WWU Comment - The repercussions from this investigation could begin to
    affect smaller telecommunication providers in terms of service, since
    many smaller Internet Service Providers lease lines through WorldCom.
    Users could experience loss of service and lack of technical support in
    the case of service disruption or failure. The uncertainty revolving
    around WorldCom may provide an opportunity for intrusion attempts and
    system integrity checks against the IP blocks owned by WorldCom.
    
    Transportation Security Administration announces next two airports to
    receive federal passenger screeners.  The Transportation Security
    Administration (TSA) successfully placed federal passenger screeners at
    Mobile Regional Airport, AL, and Louisville International Airport, KY.
    The deployment of the federal screeners marks another step in TSA's goal
    of hiring, training and mobilizing more than 50,000 new passenger and
    baggage security screeners. TSA deployed the nation's first federal team
    of screening personnel on 30 April, 2002 at Baltimore/Washington
    International Airport (BWI). (U.S. Department of Transportation, 25 Jun)
    
    Bush official urges agencies to upgrade homeland security systems now .
    The Bush Administration is urging Federal agencies not to wait for the
    creation of the new Homeland Security Department to upgrade their
    information technology systems to better protect the nation.  Jim
    Flyzik, a member of the President's Critical Infrastructure Protection
    Board stated that "we cannot only improve security but improve
    performance" in airports, at the nation's borders and ports, and
    elsewhere. Mr. Flyzik feels it is imperative that agencies build from
    each other's modernization efforts. (Gov Exec.com, 25 Jun)
    
    25,000 gas masks ordered for the Capitol in case of a terrorist attack .
    25,000 gas masks have been ordered to help protect the Capitol -
    tourists included - in the event of a chemical or biological attack. The
    masks will be stored around the building to help tourists and members of
    Congress and their staffs survive a chemical or biological attack.  "The
    reason we're doing this is because the Capitol was targeted for a
    bio-terrorist attack, the anthrax attack," the official said.
    Anthrax-laced mail sent to the Capitol last fall killed two postal
    workers. (Associated Press, 26 Jun)
    
    
    ~dmh
    



    This archive was generated by hypermail 2b30 : Thu Jun 27 2002 - 10:23:02 PDT