NIPC Daily Report 13 June 2002
The NIPC Watch and Warning Unit compiles this report to inform recipients of
issues impacting the integrity and capability of the nation's critical
infrastructures.
.
Microsoft discloses serious flaw in Web site software. Microsoft Corp.
acknowledged a serious flaw Wednesday in its Internet server software that
could allow sophisticated hackers to seize control of Web sites, steal
information and use vulnerable computers to attack others. Microsoft made
available a free patch for customers using versions of Internet Information
Server software with Windows NT or Windows 2000 operating systems. The
server software included in Microsoft's Windows XP operating system was not
affected by the security flaw. A researcher with eEye Digital Security
Inc., Riley Hassell, found the Web server flaw in mid-April during testing
of eEye's own hacker-defense software, but the discovery was kept closely
guarded under an agreement with Microsoft until Wednesday. Microsoft
described the risk to Web servers as "moderate", but top experts have for
months recommended turning off the vulnerable feature, which is turned on
automatically the first time the software is installed. Marc Maiffret, the
self-described ``chief hacking officer'' for eEye, said malicious hackers
would devise automated tools to scan the Internet and attack vulnerable
computers rather than targeting machines individually. The same technique
was used to spread the damaging ``Code Red'' and ``Nimda'' across the
Internet last year, which infected nearly 1 million servers. ``It could
readily be exploited with a worm,'' Maiffret said. ``It's kind of a scary
thing.'' (AP-Washington, 12 Jun)
NIPC WWU Comment: The flaw allows a remote buffer overflow in an HTR
request. It affects MS Windows NT 4.0, IIS 4.0, and MS Windows 2000 IIS
5.0. NIPC recommends patching affected systems as soon as possible using
the free patch provided by Microsoft. Patch is at www.microsoft.com
Malaysia sets up cyber-warfare hub. The Malaysian Defense Ministry is
commissioning a secure network infrastructure to safeguard information from
unauthorized access. Minister Datuk Seri Najib Razak said the ministry was
also setting up a cyber warfare center, which would look at both offensive
and defensive information operations. Najib said that the cyber warfare
center would provide surveillance of, and protection from, cyber threats,
and if necessary, counter any threats from cyberspace. He said development
of the network would be completed in about five years and would link all the
information databases within the Defense Ministry and the armed forces. (New
Straits Times Malaysia, 11 Jun)
Chinese software firm discovers native e-mail virus. Beijing Ruixing global
virus supervision center intercepted a domestically produced e-mail virus
they have temporarily named "Chinese Hacker". According to Ruixing, the
virus is very infectious, fast, and has the ability to bypass anti-virus
software and enter computer memory. Furthermore, according to Ruixing, even
if anti-virus software can discover the virus, it cannot be destroyed. The
virus infects through e-mail and, once resident on the computer memory, has
a self-start function. The current version does not carry a destructive
payload, but if an attacker added a destructive payload to the virus, it
could pose a serious threat. (Xinhua, 11 Jun)
Area residents can comment on possible routes for a new regional power
transmission line. Bonneville Power Administration (BPA) officials say the
500,000-volt line is needed to carry more power to rapidly growing King
County, in Washington State, or the next spell of sub-freezing winter
weather could bring brownouts or other problems. BPA earlier picked a route
along an existing BPA line through the Cedar River Watershed, which is the
source of water for most King County residents. That raised strong
objections from Seattle City officials and environmentalists, but the route
hasn't been ruled out. (Southcountyjournal.com, 12 Jun)
Poll urges Congress to pass energy plan. According to a recent poll
conducted on 1,000 adults at the behest of the Alliance for Energy and
Economic Growth, Americans feel more strongly about the need to enact an
energy plan now than they did last fall. More than 8 of 10 Americans polled
want Congress to pass comprehensive energy legislation now in order to
ensure stable energy supplies and strengthen national security. These
findings come as a House-Senate Conference Committee is being appointed to
resolve differences in House and Senate passed energy bills. The Alliance
for Energy and Economic Growth is a broad coalition of more than 1,300
energy producers and users, representing both large and small businesses, as
well as labor unions. The Alliance is united in support of comprehensive
energy legislation that will increase domestic energy supplies, modernize
the energy infrastructure, and strengthen the economy. (Federal Computer
Week, 12 Jun)
Status of General Aviation Operations at Reagan National Airport. Over the
past 45 days, officials of the U.S. Department of Transportation (DOT) have
been working closely with the General Aviation (GA) community to develop
plans to restore GA operations at Ronald Reagan Washington National Airport
(DCA). Tentative conclusions on such plans have been reached by DOT and the
GA community. In a meeting yesterday with representatives of the GA
community, DOT Deputy Secretary Michael Jackson announced that the U.S.
Government would delay any implementation of the draft plans while
continuing to assess security requirements for General Aviation at DCA.
Deputy Secretary Jackson said that the Department would convene another
meeting with General Aviation industry representatives in approximately 30
days, and will continue to keep them apprised of its progress. (PR
Newswire, 12 Jun)
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
