-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Friday, December 27, 2002 11:36 AM To: cyber_threats@private Subject: [Cyber_threats] Daily News 12/27/02 December 26, The Washington Times - Hacker threat seen as overdone. A paper published recently by James Lewis of the Center for Strategic and International Studies concludes that the threat from hackers on the nation's critical infrastructures is "overblown." Mr. Lewis makes a distinction between computer networks in general and critical infrastructure. He says, "a brief review suggests that while many computer networks remain very vulnerable to attack, few critical infrastructures are equally vulnerable." To bring the country down even briefly, terrorists would have to do serious damage to critical systems, not just make nuisances of themselves. Lewis makes several points. One is that there is a difference between being a pest and causing strategically serious damage. Second, the American infrastructure is much more robust than terror mongers would have us think. Failure and disruption are already a routine fact of infrastructure life and cause no more than inconvenience. "An assumption I have noticed in disaster scenarios is that if a terrorist can disrupt a network's computers, the network is destroyed. Actually, computers fail frequently, whereupon the engineers reload from backups and life goes on." His conclusion: "The sky is not falling, and cyber-weapons seem to be of limited value in attacking national power or intimidating citizens." The CSIS study is available at http://www.csis.org/tech/0211_lewis.pdf. Source: http://www.washtimes.com/business/20021226-40779202.htm December 26, MSNBC - Hacker turns to extortion. A criminal trying to turn stolen personal data into cash has apparently seized on a new, low-tech method - direct threats. A woman who had her identity stolen in early December managed to foil most of the bank account transfers attempted by the thief. So the criminal turned to personal extortion instead, saying he would leave her alone if she paid $400. The incident concerns online auction consumer advocate Rosalinda Baldwin, who sees it as an escalation of the kinds of tactics hackers might use to turn computer crime into cash. Extortion threats, which until now were normally reserved for hackers trying to wring money out of companies that had suffered security lapses, raise the stakes quite a bit for the criminal, Baldwin says. The big question for Baldwin is whether or not the woman's case is an aberration, or represents a new method computer criminals are using the profit from criminal computer activity. Source: http://www.msnbc.com/news/851175.asp?0si=-&cp1=1 Virus: #1 Virus in USA: WORM KLEZ .H Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] 137(netbios-ns); 1433(ms-sql-s); 80 (http); 445 (microsoft-ds); 443(https); 53 (domain); 4662; 27374(asp); 21 (ftp); 139(netbios-ssn) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Cyber_Threats mailing list Cyber_Threats@listserv http://listserv.infragard.org/mailman/listinfo/cyber_threats
This archive was generated by hypermail 2b30 : Fri Dec 27 2002 - 18:17:45 PST