-----Original Message----- From: NIPC Watch [mailto:nipc.watch@private] Sent: Tuesday, April 01, 2003 7:42 AM To: Information Technology Subject: [Information_technology] Daily News 4/01/03 March 28, IT Week EU to unify e-crime rules. To deter online attacks, forthcoming regulations will require EU states to harmonize anti-hacking laws and hand out custodial sentences for serious offences. The Council of the European Union has agreed a common approach for its forthcoming anti-hacking regulations, which member states must adopt into their national law by December 31, 2003. The Council framework decision on attacks against information systems will require member states to make unauthorized access to computer systems a criminal offence. Precise details of the framework and suggested penalties for offences have yet to be formally announced. However, the initial proposal of April 2002 called for a maximum penalty in serious cases of at least one year's imprisonment. According to the council, the lack of harmony in member states' laws make it difficult to tackle cross-border attacks, and could hamper investigations. The framework is intended to improve cooperation between police and judicial systems during investigations, and to establish penalties across Europe to stop attackers. Source: http://www.vnunet.com/News/1139796 March 27, Government Computer News Agencies are making progress in security, OMB says. The Office of Management and Budget gave a sneak preview today of its second annual report to Congress on the state of agencies' IT security. "We made progress across the government," said Kamela White, a senior policy analyst in OMB's Information Policy and Technology Branch. But "in some cases, although the numbers are heading in the right direction, they are still low. There are hundreds of millions of dollars in IT investments that OMB considers at-risk if [their security] problems are not corrected by the end of the fiscal year." OMB may cut off funding for these programs. The OMB report, due to Congress in several weeks, is required under the Government Information Security Reform Act, which was renewed last year by the Federal Information Security Management Act. The law requires agencies to report to OMB each year on the security and certification of critical IT systems. It also calls for agencies to integrate security spending into lifecycle planning for new systems. White said most agencies spend 5 percent to 10 percent of their IT budgets on security. But "there is no relationship between the amount of money spent in IT security and performance," she said. Source: http://www.gcn.com/vol1_no1/daily-updates/21510-1.html March 27, Government Computer News New task force will examine critical uses of supercomputing. The government is establishing a high-end computing revitalization task force aimed at improving research and development, accessibility and procurement of high-end systems. William Turnbull, deputy CIO of the National Oceanic and Atmospheric Administration, said the effort will be guided by the National Science and Technology Council. He spoke yesterday at the National High-Performance Computing and Communications Council's conference in Newport, R.I. The impetus for the task force comes from a paragraph in the Office of Management and Budget's Analytical Perspectives on the fiscal 2004 budget, Turnbull said. "Due to its impact on a wide range of federal agency missions ranging from national security and defense to basic science, high-end computing-or supercomputing-capability is becoming increasingly critical," the document stated. Turnbull said he expects the task force's results to guide investments in hardware and research into better software for scientific simulations and other high-end computing efforts. For more information on the task force as it develops, visit www.itrd.gov/hecrtf-outreach/index.html. Source: http://www.gcn.com/vol1_no1/daily-updates/21506-1.html March 27, Government Computer News Safety measures will be added to software improvement model. Federal officials are working to attach new safety and security practices to existing models to boost agencies' software capabilities-an important goal, considering current international hostilities, a Defense Department executive said. "Recent events point out more and more that safety and security are not only good things, but things we have to do," said Joe Jarzombek, deputy director for software-intensive systems in the Defense Systems Directorate of the Office of the Under Secretary of Defense. The Army, Navy, NASA and Energy have joined the effort, and Jarzombek said federal agencies have asked companies to help as well. The Integrity Assurance program will be included in version 2.0 of the FAA's integrated Capability Maturity Model and version 1.1 of the Capability Maturity Model Integration for systems and software engineering, developed by the Software Engineering Institute at Carnegie Mellon University. Source: http://www.gcn.com/vol1_no1/daily-updates/21507-1.html Internet Security Systems - AlertCon: 1 out of 4 https://gtoc.iss.net/ Last Changed 25 March 2003 Security Focus ThreatCon: 1 out of 4 www.securityfocus.com Last Changed 1 April 2003 Current Virus and Port Attacks Virus: #1 Virus in USA: JS_NOCLOSE.E Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus Tracking Center [Infected Computers, North America, Past 24 hours, #1 in United States] Top 10 Target Ports: 80 (www), 137 (netbios-ns), 1434 (ms-sql-m), 25 (smtp), 113 (ident), 445 (microsoft-ds), 139 (netbios-ssn), 6346 (gnutella-svc), 53600 (---), 53 (domain) Source: http://isc.incidents.org/top10.html; Internet Storm Center _______________________________________________ Information_technology mailing list Information_technology@listserv
This archive was generated by hypermail 2b30 : Tue Apr 01 2003 - 14:11:47 PST