_________________________________________________________________ London, Tuesday, September 10, 2002 _________________________________________________________________
INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ IWS Sponsor IQPC Defence Conference: Information Operations 2002 25-26/09/02 Information Operations 2002: Analysing development in defensive and offensive information operations, critical infrastructure protection, information assurance and perception management. September 25 - 26, 2002. London, UK (Pre-Conference Masterclass: 24th September 2002) Information Operations 2002 Conference Web Site http://www.iqpc-defence.com/GB-1826 _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] White House cybersecurity chief defines cyberthreat [2] (UK) Firms urged to remain vigilant in virus battle [3] 9/11: How the wired world was affected [4] Security pros: Our defences need work [5] Americans favor homeland agency even as trust in government drops [6] Study criticizes White House computer export policy [7] Archaic computer systems hamper war on terror [8] Microsoft's G-man - Former federal prosecutor tackles security [9] Philippines cracks phone hacking ring [10] Cyber Security: Ghosts of September [11] FEMA launches Web site on Sept. 11 response [12] Computer forensics specialists in demand as hacking grows [13] Cybercrimes [14] Va. man sentenced for hacking into UF system [15] Intel announces computer security technology [16] Ban on outsourcing targets may not apply to Defense [17] Microsoft identifies source of Windows 2000 attacks _________________________________________________________________ News _________________________________________________________________ [1] White House cybersecurity chief defines cyberthreat By DAN VERTON SEPTEMBER 06, 2002 Richard Clarke, chairman of the president's Critical Infrastructure Protection Board, recently spoke with Computerworld reporter Dan Verton about the nature and potential of the threat to the nation's critical infrastructure and what he sees as his biggest challenges with respect to national cybersecurity. Excerpts from the interview follow: Q: Can you briefly explain the cybersecurity threat for those who still may not be sure who or what the enemy is? A: There's a spectrum of threats out there, some of which we experience every day. That spectrum runs from [individuals] who simply vandalize Web pages to those who conduct nuisance denial-of-service attacks. That's on the low end, which is usually conducted by young hackers -- so-called script kiddies. http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,74 033,00.html ---------------------------------------------------- [2] Firms urged to remain vigilant in virus battle Anti-virus experts say some sectors of the UK industry still aren't taking email viruses seriously enough. New research from Message Labs suggests one in every 24 emails received by retailers is infected. Their run-down cites entertainment and local government as other sectors still suffering a deluge. http://www.ananova.com/news/story/sm_666878.html?menu=news.technology ---------------------------------------------------- [3] 9/11: How the wired world was affected By John Geralds in Silicon Valley [06-09-2002] Privacy groups talk of the erosion of civil liberties While the first anniversary of 11 September will be marked by moments of silence and readings by the governor of New York, it will also be remembered as a time when world governments moved to restrict privacy, boost surveillance and outline civil liberty issues. Shortly after the events of that catastrophic day, previous proposals by a large number of countries that responded to the threat of terrorism were reintroduced and new policies were drafted to extend police surveillance powers. http://www.infomaticsonline.co.uk/News/1134853 ---------------------------------------------------- [4] Security pros: Our defences need work 09:16 Tuesday 10th September 2002 Robert Lemos, CNET News.com Despite widespread cyberterrorism anxiety, corporations have only made modest gains in security over the past year Though most corporate security professionals see network protection as critical, they have only made modest gains in securing their companies, according to a report published on Monday. http://news.zdnet.co.uk/story/0,,t278-s2122000,00.html ---------------------------------------------------- [5] Americans favor homeland agency even as trust in government drops By Tom Shoop While Americans' overall trust in government has fallen from the very high levels reported after the Sept. 11 terrorist attacks, they still favor creation of a new Cabinet-level Department of Homeland Security to prevent future attacks. In a CNN/Gallup/USA Today poll conducted last week, 60 percent of respondents said Congress should pass legislation to create the new department. Just 29 percent opposed the idea. Eighty percent of the respondents said they had a "fair amount" or a "great deal" of confidence that the federal government can protect citizens from future attacks. http://www.govexec.com/dailyfed/0902/090902ts1.htm ---------------------------------------------------- [6] Study criticizes White House computer export policy WASHINGTON (AP) - The government failed to screen requests by thousands of immigrants in the United States seeking permission to work with sensitive technology that hostile nations could use to develop new weapons, congressional investigators found. The study released Monday by the General Accounting Office, the investigative arm of Congress, was the second within weeks to criticize the Bush administration's oversight of U.S. export restrictions on technology, such as the latest generation of powerful computer chips. http://www.usatoday.com/tech/news/techpolicy/2002-09-09-computer-exports_x.htm GAO Report: Export Controls: Department of Commerce Controls Over Transfers of Technology to Foreign Nationals Need Improvement. GAO-02-972, September 6. http://www.gao.gov/cgi-bin/getrpt?GAO-02-972 ---------------------------------------------------- [7] Archaic computer systems hamper war on terror By Jim Puzzanghera Mercury News Washington Bureau WASHINGTON - After Richard Colvin Reid was arrested for allegedly trying to detonate explosives in his shoes on a U.S.-bound airliner in December, federal officials never searched electronic transportation incident reports to determine if this was a new pattern of terrorist activity. The reason is simple and distressing: The Department of Transportation's computer system doesn't allow those reports to be searched by key words like ``shoe'' and ``bomb,'' a function most computer users take for granted. http://www.siliconvalley.com/mld/siliconvalley/4033433.htm ---------------------------------------------------- [8] Microsoft's G-man - Former federal prosecutor tackles security 2002-09-03 by Cydney Gillis Journal Business Reporter REDMOND -- In his small, barren office at Microsoft, Scott Charney counts off on his fingers what needs to be done to protect computers from being hacked. It's a set of lists, really, each with more questions than Charney can answer. But, first and foremost, his job is to see that employees of the world's largest software company -- and hopefully its customers -- never allow another ``Code Red'' to attack computers. http://www.eastsidejournal.com/sited/story/html/103888 ---------------------------------------------------- [9] Philippines cracks phone hacking ring 09 September, 2002 19:31 GMT+08:00 MANILA (Reuters) - The Philippines said on Monday it had cracked a 100 million peso ($1.9 million) computer hacking ring that had gained access to telephone company lines and sold off cheap phone calls. President Gloria Macapagal Arroyo, to show she is tough on crime, paraded three arrested men, including two Jordanian brothers, before the media at the national police headquarters in Manila. http://asia.reuters.com/news_article.jhtml;jsessionid=TGQQUM32YIGYWCRBAE0CFEY?ty pe=technologynews&StoryID=1425730 ---------------------------------------------------- [10] Cyber Security: Ghosts of September By Michael Singer By the time the second plane was headed for the World Trade Center last year, U.S. Internet security experts were on high-alert looking for signs of online terrorist activity. Fortunately, officials with CERT Coordination Center and the National Infrastructure Protection Center (NIPC) reported no major denial of service (DoS) attacks, viruses or worms unleashed on American Web sites that fateful day. In fact, the only reason the Internet was slow at all during September 11, 2001 was in part due to a glut of people frantically rushing to their favorite news sites. Since then, more focus has been put on cyber security and strengthening the Internet from attacks than any other time during the history of the Internet. And now that 12 months have passed, American corporations have spent billions on cyber security and still a sampling of the country's top IT professionals is almost certain that some type of online attack is on the horizon. http://siliconvalley.internet.com/news/article.php/1459451 ---------------------------------------------------- [11] FEMA launches Web site on Sept. 11 response By Raya Widenoja Federal front-line responders to the Sept. 11 attacks now have their own Web site, telling the stories of their efforts. The Federal Emergency Management Agency launched the new Web site Thursday to commemorate the tragedy and "share with America how FEMA and the federal government on behalf of all America responded" to help the victims and assist in the recovery effort after the attacks, said Cindy Ramsay, a public affairs specialist at FEMA. "The work that began on Sept. 11 and continues today could not have been done without your support," FEMA Director Joe Allbaugh wrote in a message to online readers posted at the site. "Others, like those profiled in this report, may have literally picked up the pieces. But it was your prayers that picked them up and kept all of us going during the dark days after the horror." http://www.govexec.com/dailyfed/0902/090602r1.htm ---------------------------------------------------- [12] Computer forensics specialists in demand as hacking grows By Suzanne Monson Special to The Seattle Times Dick Tracy had it easy. Today's real-life crime-fighters battle villains more sophisticated than those the comic-book character ever faced - and these modern-day crooks often set their sights on threatening business, government and national security using computers. That's why it takes more than a simple high-tech wristwatch to beat computer crime. It takes cybersleuths - experts trained in Information Systems (IS) security, or computer-program protection, and the more advanced skills of computer forensics. http://seattletimes.nwsource.com/html/businesstechnology/134531230_forensics08.h tml ---------------------------------------------------- [13] Cybercrimes It's the next big threat to business security Pamela Griner Leavy Staff Writer Riad Sleit called his Tampa and Sarasota staffs together following the events of Sept. 11 and urged the 58 digital imaging systems and technical consulting employees to get back to business. "If we sit here and feel sorry for ourselves we play into the hands of the people who did this," Sleit, branch general manager for Savin Corp., a Ricoh Co. Ltd. firm, recalls telling the staff. "We have to go out there and drive business as usual. That's the least we owe this country." http://tampabay.bizjournals.com/tampabay/stories/2002/09/09/focus1.html ---------------------------------------------------- [14] Va. man sentenced for hacking into UF system By LISE FISHER Sun staff writer A Virginia man will spend 16 months in a federal prison for hacking into the computer system at the University of Florida astronomy department and causing thousands of dollars in damage. Sentenced Tuesday by Senior U.S. District Judge Maurice Paul, James Francis Babiak, 21, also was ordered to pay $33,970 in damages to UF and $6,260 to Tidewater Community College in Virginia, where Babiak once worked. Babiak entered a guilty plea in January in two cases of fraudulent activity connected with a computer. Prosecutors had charged Babiak with hacking into college computer systems both in Virginia and Florida over the past two years. http://www.gainesvillesun.com/apps/pbcs.dll/article?Site=GS&Date=20020906&Catego ry=LOCAL&ArtNo=209060365&Ref=AR&Profile=1007 ---------------------------------------------------- [15] Intel announces computer security technology MATTHEW FORDAHL AP Technology Writer SAN JOSE, Calif. - In the latest attempt to protect digital information from viruses and hackers, Intel Corp. will integrate advanced security features into its microprocessors and other hardware. The security features, announced Monday at the Intel's conference for developers, will be implemented in processors as early as next year, said Paul Otellini, Intel's president and chief operating officer. Code-named LaGrande Technology, the features will create a "vault" in which data is safely stored and processed. Intel also will secure the pathways within the computer, such as between the vault and the display or keyboard. http://www.siliconvalley.com/mld/siliconvalley/news/4038363.htm ---------------------------------------------------- [16] Ban on outsourcing targets may not apply to Defense By Jason Peckenpaugh Legislation that would prevent agencies from setting numerical targets for outsourcing federal jobs may not apply to the Defense Department, a Defense official said Monday. Both the House and Senate versions of the Treasury-Postal Appropriations bill contain language that would block the Office of Management and Budget from using numerical targets to make federal agencies hold public-private job competitions. OMB has told agencies to compete or outsource 15 percent of their commercial jobs by October 2003, although it has acknowledged that some agencies may fall short of this target. But the Defense Department could still set job competition targets because the department receives no funding from the Treasury-Postal bill, meaning it is exempt from the legislative ban, according to Joe Sikes, director of competitive sourcing and privatization at the Pentagon. http://www.govexec.com/dailyfed/0902/090902p1.htm ---------------------------------------------------- [17] Microsoft identifies source of Windows 2000 attacks By ComputerWire Posted: 10/09/2002 at 07:27 GMT Microsoft Corp is blaming users' failure to apply listed security measures for an "unexplained" surge in attempted hacks against Windows 2000-based servers. Redmond, Washington-based Microsoft yesterday said it has determined a spate of hacks against Windows 2000-based servers do not exploit product-related security vulnerabilities. Neither do attacks appear viral or worm-like in nature, as had been suspected. http://www.theregister.co.uk/content/55/27036.html ---------------------------------------------------- _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site <http://www.iwar.org.uk> --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk