CRIME FW: [Information_technology] Daily News 4/3/03

From: George Heuston (GeorgeH@private)
Date: Thu Apr 03 2003 - 10:12:23 PST

  • Next message: Aaron M. Johnson: "RE: I need a ride to Re: CRIME Meeting, 8 April 2003, @ Verizon ..."

    -----Original Message-----
    From: NIPC Watch [mailto:nipc.watch@private] 
    Sent: Thursday, April 03, 2003 7:02 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 4/3/03
    
    April 02, Associated Press
    Thieves take computers containing details on radioactive material. Eight
    state-owned computers containing details on all of the New Mexico
    companies
    that use radioactive material have been stolen, officials said Tuesday.
    The
    names, addresses and phone numbers of more than 210 businesses are
    contained
    in the stolen computers, along with what radioactive materials each is
    licensed to have, said Bill Floyd, manager of the state Environment
    Department's Radiation Control Bureau. Thieves took the eight computer
    towers from the bureau's office in Santa Fe either Thursday night or
    early
    Friday. While the files are legally accessible to the public, anyone
    seeking
    them would need to do so under the Freedom of Information Act, Floyd
    said.
    He said he believed the culprits were seeking the machines themselves --
    not
    the data in them. Source:
    http://www.cnn.com/2003/US/Southwest/04/02/radiation.files.ap/index.html
    
    April 01, The Oregonian
    Al Qaeda supporters hack into student's Web site. The Web site of a
    Portland
    State University graduate student was targeted in a wave of Internet
    hackings supporting al Qaeda. Files planted in Conrado Salas Cano's
    personal
    Web site housed threats against the United States, tributes to the
    September
    11 attacks and purported messages from Osama bin Laden. The FBI
    reportedly
    launched an investigation, and some cyberterrorism followers said it
    resembled attacks by al Neda, the online propaganda unit of al Qaeda.
    Josh
    Devon, an analyst at the Search for International Terrorist Entities
    Institute, said some of the pages contain pictures of guns and
    bomb-making
    manuals in Arabic. Specific plans of future attacks aren't on the site,
    although Devon said it's possible they use code words to communicate
    attacks. Since losing their domain name last summer, Devon said al Neda
    has
    been hacking into various sites around the globe to spread its message.
    Once
    the sites are discovered and shut down, a new al Neda site pops up
    within 48
    hours. News of the Web sites, he said, spreads by word of mouth and in
    Arabic newspapers. Source:
    http://www.oregonlive.com/business/oregonian/index.ssf?/base
    /business/1049201902166680.xml
    
    April 01, Reuters
    Website hoax fans virus panic. A teenager's website hoax about a killer
    virus that is sweeping Hong Kong sparked panicked food buying and hit
    financial markets on Tuesday, forcing the government to deny it would
    isolate the entire territory. "We have no plan to declare Hong Kong an
    infected area," Director of Health Margaret Chan told reporters. "We
    have
    adequate supplies to provide (for) the needs of Hong Kong citizens, and
    there is no need for any panic run on food." In Hong Kong, 685 people
    are
    infected by severe acute respiratory syndrome, also known as SARS, and
    16
    have died from the virus. The fake website scare fueled dismay in the
    territory adjoining China's Guangdong province, where the virus is
    believed
    to have originated four months ago. The hoaxer copied the format of the
    public Internet portal of the Mingpao, one of Hong Kong's leading
    newspapers, and posted a message saying the government would declare the
    city of seven million "an infected place." Source:
    http://www.wired.com/news/medtech/0,1286,58311,00.html
    
    March 31, salon.com
    Iraq goes offline. U.S. Tomahawk cruise missiles aimed at destroying
    Saddam
    Hussein's propaganda machine reportedly destroyed several satellite
    dishes
    and an Internet server housed at Iraq's Ministry of Information building
    Saturday. Local phone service in the city was also reportedly disrupted
    by
    separate missile strikes on two telecommunications switching centers.
    Yet
    Babil Online, the home page of an Iraqi newspaper run by Saddam
    Hussein's
    son Uday, was still reachable following the bombing. Babil Online may
    have
    escaped the attacks because of its physical location -- the site appears
    to
    be hosted on a server not in Baghdad but in Beirut, Lebanon. Some
    observers
    have speculated that the United States left Iraq's Internet
    infrastructure
    untouched for the first week of the war in order to maintain
    communications
    with potential defectors in the high ranks of Iraq's government and
    military
    personnel. But Peter W. Singer, a fellow at the Brookings Institute,
    said he
    doubted that preserving Iraq's Internet capabilities was high on the
    priority lists of U.S. military planners. "Internet access is still
    limited
    mostly to elites in the country. The U.S. is mostly concerned about
    protecting things like water and electricity and bridges," said Singer.
    He
    said the mission of Iraq's Information Ministry has been not only to
    fire up
    nationalism but also to manipulate world opinion and to raise
    international
    protests against the war. Source:
    http://www.salon.com/tech/feature/2003/03/31/iraq_offline/index.html
    
    February 28, General Accounting Office
    Critical Infrastructure Protection: Challenges for Selected Agencies and
    Industry Sectors. The General Accounting Office has released report
    GAO-03-233 titled "Critical Infrastructure Protection: Challenges for
    Selected Agencies and Industry Sectors." With computer interconnectivity
    comes a threat: both physical and cyber assets are potentially
    vulnerable to
    computer-based attack. In response, Presidential Decision Directive 63
    (PDD
    63, May 1998) called for a range of actions to improve the nation's
    ability
    to detect and respond to serious infrastructure attacks. GAO examined
    four
    specific agencies--the Departments of Health and Human Services, Energy,
    and
    Commerce, and the Environmental Protection Agency--and found that the
    agencies have made progress in implementing several PDD 63 requirements.
    However, none of the agencies has fully implemented all requirements.
    GAO
    also examined private-sector groups known as Information Sharing and
    Analysis Centers (ISACs) for five specific industry sectors--information
    technology, telecommunications, energy, electricity, and water supply.
    ISACs
    serve as clearinghouses for their sectors to share information. For
    other
    suggested activities, such as establishing baseline statistics on
    computer
    security incidents, progress is mixed. Both the agencies and the ISACs
    identified challenges and obstacles to undertaking CIP activities.
    Agency-identified challenges included coordinating security efforts for
    critical assets with the General Services Administration, which may
    often be
    responsible for protecting agency facilities that house critical assets.
    The
    ISACs identified obstacles to information sharing, both between the
    sectors
    and the government and within the sectors. In particular, they noted
    concerns that information reported to the government could be subject to
    public release under the Freedom of Information Act. Source:
    http://www.gao.gov/cgi-bin/getrpt?GAO-03-233
    
    Internet Security Systems - AlertCon: 1 out of 4
    https://gtoc.iss.net/
    Last Changed 25 March 2003
    
    Security Focus ThreatCon: 1 out of 4
    www.securityfocus.com
    Last Changed 1 April 2003
    
    Current Virus and Port Attacks
    Virus: #1 Virus in USA: PE_FUNLOVE.4099
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
    United States]
    
    Top 10 Target Ports:
    137 (netbios-ns), 80 (www), 1434 (ms-sql-m), 25 (smtp), 113 (ident), 445
    (microsoft-ds), 139 (netbios-ssn), 6346 (gnutella-svc), 53 (domain),
    1214
    (kazaa)
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    _______________________________________________
    Information_technology mailing list
    Information_technology@listserv
    



    This archive was generated by hypermail 2b30 : Thu Apr 03 2003 - 11:08:37 PST