-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Wednesday, January 22, 2003 7:45 AM To: Information Technology; Telecommunications; Cyber Threats Subject: [Information_technology] Daily News 01/23/03 January 21, Associated Press Software to snag hackers in real time. Recent data intrusions, whose authors are typically intent on theft, sabotage or cyberterrorism, have given rise to a promising profiling-and-reasoning strategy aimed at preventing online break-ins as they happen. Researchers at the State University of New York at Buffalo are developing "user-level anomaly detection" software that draws up regularly updated profiles by closely tracking over time how each person performs an array of routine tasks, such as opening files, sending e-mail or searching archives. The system could provide a high-grade layer of protection for military installations and government agencies as well as on commercial networks. Designed to tell if someone has strayed into an unauthorized zone or is masquerading as an employee using a stolen password, the program keeps watch for even subtle deviations in behavior. Alerted to anomalies, network administrators then begin monitoring more aggressively to assess whether pilferage is in progress. Source: http://www.businesstoday.com/business/technology/ap_hack01212003.htm January 20, Computerworld GPS jammers raise concern. The current issue of the online hacker magazine Phrack provides directions for making cheap devices to jam Global Positioning System signals (GPS). The article says the jammer was designed to work only against GPS civil-use signals broadcast on the frequency of 1575.42 MHz and not the military frequency of 1227.6 MHz. However, James Hasik, a consultant, said that while the jammer was targeted against the civil GPS signal, known as the C/A code, it could also threaten military systems, since "almost all military GPS receivers must first acquire the C/A signal" before locking onto the military signal, known as the P(Y) code. The Department of Defense (DOD), which faces the possibility of its GPS-guided weapons encountering Russian-made GPS jammers in Iraq, has antijamming technology at its disposal. Air Force Lt. Col. Ken. McClellan, a Pentagon spokesman, said GPS experts at the Pentagon don't "at the moment" view homemade jammers as a hazard to safety of flight for civil aircraft or ship operations, "but rather a nuisance." The Federal Aviation Administration (FAA) is developing a nationwide GPS-based precision landing system. And the U.S. Coast Guard (USCG) operates a GPS-based maritime navigation system. Bill Mosley, a spokesman for the Department of Transportation (DOT), the parent agency of the FAA and the USCG, said his department is well aware of the threat posed by GPS jammers. Source: http://www.computerworld.com/securitytopics/security/story/0,1080 1,77723,00.html January 20, Government Computer News National Cyber Security Leadership Act of 2003 introduced to Congress. Senator John Edwards (D-NC) has introduced a bill that would require agency CIOs to identify significant vulnerabilities in IT systems; establish performance goals for eliminating the weaknesses; and evaluate performance at least quarterly. The National Cyber Security Leadership Act of 2003 would also mandate the use of IT security standards and guidelines established by the National Institute of Standards and Technology (NIST). The bill, introduced January 16, has been referred to the Senate Governmental Affairs Committee. NIST would be charged with developing guidelines within six months to address the vulnerabilities. The guidelines could become mandatory unless agencies received exemptions. The bill complements the Federal Information Security Management Act (FISMA), which was incorporated in the Homeland Security Act of 2002. FISMA requires agencies to assess risks to IT systems and to provide "information security protections commensurate with the risk." It also requires development of security programs, annual evaluations of the programs and annual reports to OMB. Source: http://www.gcn.com/vol1_no1/daily-updates/20899-1.html Virus: #1 Virus in USA: WORM_KLEZ.H Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports 137 (netbios-ns), 80 (http), 1433 (ms-sql-s), 445 (microsoft-ds), 4662 (???), 139 (netbios-ssn), 53 (domain), 8714 (???), 3389 (ms-term-serv), 23 (telnet) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv http://listserv.infragard.org/mailman/listinfo/information_technology
This archive was generated by hypermail 2b30 : Wed Jan 22 2003 - 10:25:12 PST