CRIME FW: [Cyber_threats] Daily News 01/21/03

GeorgeH@private

-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private] 
Sent: Tuesday, January 21, 2003 8:00 AM
To: Cyber Threats; Information Technology
Subject: [Cyber_threats] Daily News 01/21/03

January 17, Government Computer News
Ridge pledges data merger between agencies. In his nomination hearing
today before the Senate Governmental Affairs Committee, Homeland
Security secretary-designate Tom Ridge pledged to blend the government's
immigration and law enforcement databases. Ridge said Congress had given
his department the task of merging information gathered by the
Immigration and Naturalization Service with that of the FBI and CIA. "We
recognize that we have plenty of information, but we have been
unable-not necessarily unwilling-to connect that information," he said.
"One of our highest priorities will be to connect those databases."
Ridge said Homeland Security officials have identified "a way ahead" in
the data fusion task using commercial applications. Ridge said he
expects biometric authentication to be a significant part of the
department's workload. "Ultimately there needs to be an international
standard" for biometrics, he said. "I can envision a day in the not too
distant future that we'll require biometric identification of people
crossing the border, and our friends and allies will require that, too."
Ridge said Defense Department secretary Donald Rumsfeld has commissioned
a team of specialists to work on homeland systems interoperability, as
have FBI director Robert S. Mueller III and CIA director George Tenet.
"That collaboration is with an eye to creating an architecture to make
information available across agency lines," he said. "We are not trying
to design a brand-new system." Source:
http://www.gcn.com/vol1_no1/daily-updates/20891-1.html

January 17, Federal Computer Week
Davis: IT to see 15 percent boost. Rep. Tom Davis, (R-Va.), the newly
named chairman of the House Government Reform Committee, said Jan. 16
that the Bush administration wants to increase the federal information
technology budget by about 15 percent in fiscal 2004. The president's
budget will be officially released Feb. 3, but Davis said it is likely
that the budget will focus on using IT to increase security and
information gathering to thwart terrorist threats. The IT budget request
will likely to be about 15 percent more than the baseline fiscal 2002
budget that included $45 billion for IT, he said. Source:
http://www.fcw.com/fcw/articles/2003/0113/web-davis-01-17-03.asp

January 16, CNET News
Military worried about Web leaks. Department of Defense (DOD) Secretary
Donald Rumsfeld warned in a directive sent to military units this week
that too much unclassified but worrisome material was popping up on the
Web, and said al Qaeda and other foes were sure to take advantage of it.
The directive, drafted as the U.S. is readying troops for a possible
attack on Iraq, reminded military Webmasters they must adhere to the
department's 1998 policy which says: "A DOD Web site may not post For
Official Use Only information, or information not specifically cleared
and approved for public release unless it employs adequate security and
access controls." Rumsfeld's order further restricts what information
will be publicly available on military sites, effectively tightening
controls that have been in place for at least five years and that became
far more strict after the terrorist attacks on the World Trade Center
and the Pentagon. "An al Qaeda training manual recovered in Afghanistan
states: 'Using public sources openly and without resorting to illegal
means, it is possible to gather at least 80 percent of information about
the enemy,'" Rumsfeld wrote. "At more than 700 gigabytes, the DOD
Web-based data makes a vast, readily available source of information on
DOD plans, programs and activities. One must conclude our enemies access
DOD Web sites on a regular basis." There have been no confirmed reports
about classified information making its way to military sites, but
Rumsfeld said he was concerned about other categories he dubbed
"sensitive" or "for official use only." Rumsfeld said that 1,500
instances of such public distribution have been spotted in the last
year. Source: http://news.com.com/2100-1023-981057.html

January 16, Wireless Data News
Nationwide priority wireless access needed in emergencies. The creation
of the Department of Homeland Security (DHS) will apply some urgency to
the wireless industry's regard for providing priority wireless access
during emergencies to government and law enforcement officials. The
Federal Communications Commission asked U.S. carriers more than a year
before September 11, 2001, to voluntarily participate in ensuring that
local, state and federal government and emergency services officials
could have priority access at times when wireline service could be
disrupted and demand for wireless service would soar. The $73 million
needed by the White House's National Communications Systems (NCS) office
in order to fund nationwide priority wireless access was not included in
the $355 billion Department of Defense appropriations Congress approved
in October. The NCS is being transferred to the recently created DHS,
and expects to be funded next year when Congress enacts appropriations
for that agency. "This problem has dropped between the cracks and we do
not have the funding to take priority cell phone service around the
country," Richard Clarke, chairman of the White House's Critical
Infrastructure Protection Board, said recently at the Cellular
Telecommunications &Internet Association's Homeland Security Conference
in Washington, D.C. Source:
http://www.telecomweb.com/wirelessdata/feature.htm

January 16, Boston Globe
Discarded hard drives found full of personal data. In a new article in
the engineering journal IEEE Security and Privacy, MIT graduate students
Simson Garfinkel and Abhi Shelat describe how they wondered whether
people erased their hard drives before reselling their PCs. The students
purchased 158 hard drives at swap meets and used computer shops
throughout the United States, and on the Internet auction site eBay.
They wound up with 129 drives that actually worked. Then they used
commonplace software tools to look for data on the drives. They found
sensitive personal information, including 3,700 credit card numbers.
Sometimes, the previous owners had taken the trouble to delete important
files, not realizing that a PC's delete function doesn't really remove
the data, but conceals it from the computer's operating system. In other
cases, the users went further and "reformatted" the hard drive. This
process appears to wipe out all data on the disk, but again, the
information is still there and can be read using common recovery tools.
They acquired a drive that had been used in an automatic teller machine.
There they found account numbers and balances for the bank's customers.
Out of 129 usable drives purchased by Garfinkel and Shelat, only 12 had
been properly purged of all data. This is done with a program that dumps
meaningless clumps of randomly chosen digits onto the drive. Such
programs are available for free on the Internet, but running them can
take several hours for each drive. Source:
http://www.boston.com/dailyglobe2/016/business/Discarded_hard_dri
ves_found_full_of_personal_data+.shtml

January 16, Federal Computer News
Net-centric success depends on culture. The future of network-centric
warfare will rely just as much on policies and cultural adaptability as
it will on the technology on which it runs, according to a panel of
experts assembled at the Armed Forces Communications and Electronics
Association's
(AFCEA) International West 2003 conference in San Diego January 15.
While new technology will continue to be adopted quickly, the success of
network-centric operations will largely depend on how the U.S. forces
and their allies use that technology. Rear Adm. Charles Munns, director
of the Navy Marine Corps Intranet, said that network-centricity is
happening throughout the Navy. "The intranet we are building is the
answer we need to deal with the future. NMCI is going to take 1,000
[local-area networks] and morph them into one interoperable, secure
intranet." Others on the panel said just as much attention needs to be
paid to getting technology and standards to allied and coalition forces
as is being paid to enhance U.S. forces. Commodore Jon Welch of Great
Britain's Royal Navy said remembering the allies has been an overlooked
part of adapting to a network-centric model, and it is one that could
cause serious problems in future wars. "Tell the allies what you're
buying and what you're doing with it," he said.
Source: http://www.fcw.com/fcw/articles/2003/0113/web-net-01-16-03.asp

Virus: #1 Virus in USA: PE_FUNLOVE.4099 Source:
http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
United States]

Top 10 Target Ports 137 (netbios-ns), 80 (http), 1433 (ms-sql-s), 4662
(???), 445 (microsoft-ds), 139 (netbios-ssn), 53 (domain), 21 (ftp),
8714 (???), 3389 (ms-term-serv) Source:
http://isc.incidents.org/top10.html;
Internet Storm Center

_______________________________________________
Cyber_Threats mailing list
Cyber_Threats@listserv
http://listserv.infragard.org/mailman/listinfo/cyber_threats