_________________________________________________________________ London, Wednesday, September 11, 2002 _________________________________________________________________
INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ IWS Sponsor IQPC Defence Conference: Information Operations 2002 25-26/09/02 Information Operations 2002: Analysing development in defensive and offensive information operations, critical infrastructure protection, information assurance and perception management. September 25 - 26, 2002. London, UK (Pre-Conference Masterclass: 24th September 2002) Information Operations 2002 Conference Web Site http://www.iqpc-defence.com/GB-1826 _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] Experts Say Attack Anniversary Cyberthreats Unfounded [2] F-Secure Virus Descriptions: Chet Worm [3] TSA chief: Don't ease airport security deadlines [4] Insecurity plagues US emergency alert system [5] AltaVista and Google to fight Chinese censorship [6] NIPC: "Possible Threats to U.S. Interests" [7] Energy Utilities Ramp Up Security [8] Comment: Clued-up staff preserve evidence [9] Script Kiddies 2002 - A continued threat to online business [10] Focus on Iran and Syria, Not Iraq, Graham Says [11] Intel's new chip for security Renaissance [12] Solace in a virtual world: Memorials on the Web [13] Java flaws burn Internet Explorer [14] Cybersecurity firms not profiting as expected [15] Baltimore Cops Get Connected [16] Microsoft buys security software company [17] Exploring XML Encryption, Part 2 _________________________________________________________________ News _________________________________________________________________ ``If Osama was going to double-click us to death he would have done it six weeks ago. He's low-tech. He likes flying aircraft into skyscrapers,'' the computer expert said. [1] Experts Say Attack Anniversary Cyberthreats Unfounded By REUTERS Filed at 8:15 p.m. ET SAN FRANCISCO (Reuters) - Fears of a cyberattack inspired by the Sept. 11 attacks faded on Tuesday, a day ahead of the anniversary, with the only threat to emerge a year-old virus hoax called ``World Trade Center Survivor.'' Experts predicted that Wednesday is likely to be just another day on the Internet, and if anything a quiet day for cybercriminals. http://www.nytimes.com/reuters/technology/tech-attack-tech-cyberthreat.html?ex=1 032408000&en=30425ec0fc30e7cd&ei=5040&partner=MOREOVER ---------------------------------------------------- [2] F-Secure Virus Descriptions: Chet Worm Radar Alert LEVEL 2 NAME: Chet SIZE: 26628 ORIGIN: Russia ALIAS: W32/Chet@MM, Anniv911, 11september, September11 This mass-mailer worm was found on September 10th, 2002. As it contains serious bugs, this worm will fail to function on most systems and can not be considered to be a realistic threat at this time. Many things inside the worm's code suggest that it originates from Russia. The worm tries to spread via an attachment file called 11september.exe. When this file is executed, the worm will attempt to send the following e-mail to each address found from the Windows address book: http://www.f-secure.com/v-descs/chet.shtml ---------------------------------------------------- [3] TSA chief: Don't ease airport security deadlines By Matthew Weinstock Lawmakers should not ease up on deadlines to bolster security at the nation's airports, James Loy, acting administrator of the Transportation Security Adminis tration, said Tuesday. Testifying before the Senate Commerce, Science and Transportation Committee, Loy acknowledged that about 10 percent of airports would not meet a Dec. 31 deadline to screen all checked baggage for explosives. Still, Loy does not support a "wholesale" delay in the deadline. Rather, Loy wants to work out extensions with those 30 to 35 airports that are not expected to meet the current deadline, establishing more realistic timeframes and developing interim strategies for screening baggage. Those interim strategies could include more hand searches and the use of bomb-sniffing dogs. TSA officials are uncertain if legislation is needed to grant the extensions, but Loy made it clear that he wants to work with Congress to come up with a viable solution. http://www.govexec.com/dailyfed/0902/091002w1.htm ---------------------------------------------------- [4] Insecurity plagues US emergency alert system By Kevin Poulsen, SecurityFocus Online Posted: 09/10/2002 at 17:25 EST A national alert system that gives the president the ability to take over the U.S. airwaves during a national crisis may inadvertently extend hackers the same courtesy, thanks to security holes that put radio stations, television broadcasters and cable TV companies at risk of being commandeered by anyone with a little technical know-how and some off-the-shelf electronic components. http://www.theregus.com/content/55/26267.html ---------------------------------------------------- [5] AltaVista and Google to fight Chinese censorship By ComputerWire Posted: 11/09/2002 at 06:46 GMT AltaVista Co and Google Inc have both seen their web search engines become inaccessible to internet users in China, evidently as part of a censorship initiative in the run-up to the Chinese communist party congress in November, Kevin Murphy writes. But AltaVista is offering affected users alternate ways to access its services. The company yesterday told users they could visit raging.com or one of AltaVista's international sites, which offer the same search services but are not blocked. http://www.theregister.co.uk/content/6/27062.html ---------------------------------------------------- [6] NATIONAL INFRASTRUCTURE PROTECTION CENTER "Possible Threats to U.S. Interests" NIPC Advisory 02-007 10 September 2002 Today, the U.S. Government raised the Threat Condition level from Elevated (yellow) to High (orange). As previously described in NIPC Information Bulletin 02-007 ("First Anniversary of the September 11th Attacks And Other Dates of Interest"), there remains no specific and credible information indicating that a particular event or location in the United States will be targeted for terrorist activity. However, the raised Threat Condition level is deemed appropriate due to credible intelligence and recent statements by terrorists in custody indicating a high threat of near term strikes against U.S. interests. Al Qa'ida preparations for terrorism have continued in past months and at least some of the plots appear ready for implementation. Based on past experience, the most attractive targets to Al Qa'ida leaders would be strikes against: . The transportation or energy sectors, which they have regarded as key to U.S. economic health. . Facilities or gatherings that would be recognized worldwide as symbols of American power or security. (For example, U.S. military facilities and U.S. Embassies, monuments and U.S. Icons). In addition, it appears that lower-level Al Qa'ida operatives and sympathizers see the September 11th period as a suitable time to conduct even small strikes as a demonstration of their worldwide presence and resolve. Therefore, widely dispersed and unsophisticated strikes remain a possibility. The specificity of some of this information has contributed to a decision to close four Embassies in Southeast Asia, and to elevate security at all overseas diplomatic and military facilities. Additional closures may be forthcoming. Critical infrastructure owners and operators are urged to implement appropriate protective measures that correspond to the Orange Condition under the Homeland Security Advisory System. NIPC encourages individuals to report information concerning suspicious activity to their local FBI office, http://www.fbi.gov/contact/fo/fo.htm the NIPC, or to other appropriate authorities. Individuals may report incidents online at http://www.nipc.gov/incident/cirr.htm, and can reach the NIPC Watch and Warning Unit at (202) 323-3205, 1-888-585-9078, or [EMAIL PROTECTED] ---------------------------------------------------- [7] Energy Utilities Ramp Up Security By Evan Koblentz In the wake of the Sept. 11 attacks last year, the IT security needs of the Tennessee Valley Authority-which already were massive-became even more important, said Anthony Smith, the authority's IT security senior manager. Generating enough revenue to run itself without federal assistance, the TVA-the nation's largest public power producer-generates up to 30,000 megawatts of power each year, from 11 coal plants, 29 hydroelectric plants, three nuclear plants, one pump storage plant and backup combustion turbines. TVA serves seven states, 8.3 millions people, and 150 local, municipal and cooperative energy sellers. http://www.eweek.com/article2/0,3959,525968,00.asp ---------------------------------------------------- [8] Comment: Clued-up staff preserve evidence Neil Barrett [30-08-2002] Imagine a nightmare. You return home to find the door swinging open, your property strewn around the room. The TV has been broken, pictures smashed; filth has been smeared over the walls, alongside graffiti and scuff marks. Worst of all, the expensive jewellery at the back of a bedside drawer has been taken along with the cheaper stuff you didn't much care for. But what exactly has happened? Did an intruder choose your home at random, did they stumble over the valuable jewellery while vandalising? Or was jewellery the main objective, and the vandalism designed to disguise the intention? http://www.infomaticsonline.co.uk/Analysis/1134695 ---------------------------------------------------- [9] Script Kiddies 2002 - A continued threat to online business A bit of a break from writing about web marketing and ecommerce this week - on to the subject of Internet security and protecting your online business. About 18 months ago, I released a series of articles in relation to the Script Kiddie problem (see below). I thought I'd carry out some follow up research to see what the situation was in 2002 and I'm sorry to say it's no better - it's gotten a whole lot worse. http://www.stickysauce.com/articles/misctipsarticles/scriptkiddies.htm ---------------------------------------------------- [10] Focus on Iran and Syria, Not Iraq, Graham Says These interviews are the seventh and eighth of a series in which national and world figures reflect on the terrorist attacks and their effect on a year of public life and policy. WASHINGTON, Sept. 9 - Senator Bob Graham, the chairman of the Intelligence Committee, calls the Bush administration's focus on Iraq a distraction from the campaign against terrorism and lists Syria and Iran as countries that should be the first targets of any aggressive effort against state sponsors of terrorist activity. In an interview reflecting on Sept. 11 and its consequences, Mr. Graham, a Florida Democrat, also said he feared that the United States was becoming "bogged down" in an unproductive manhunt in Afghanistan and that the nation needed an "aggressive war plan" to strike at terrorist organizations. http://www.nytimes.com/2002/09/10/politics/10GRAH.html ---------------------------------------------------- [11] Intel's new chip for security Renaissance By Thomas C Greene in Washington Posted: 10/09/2002 at 13:00 GMT Hideous viruses and terrifying hackers will soon be neutralized so that the computing public might finally doze blissfully in a cocoon of safety, Intel announced yesterday at the Developers' Forum. The proposed solution is LaGrande -- which is not, as it sounds, a genteelized pickup truck for suburban use, but a hardware system which will control your computing experience for your own good. It will prevent you from doing silly things by sandboxing numerous risky processes and apparently establishing a secure sanctum sanctorum on one's HDD along lines of the IBM rapid restore gimmick. http://www.theregister.co.uk/content/55/27047.html ---------------------------------------------------- [12] Solace in a virtual world: Memorials on the Web Amy Harmon The New York Times Wednesday, September 11, 2002 There is no grave site for Tracy Orr to visit. The body of her husband, Alex Steinman, was never found in the rubble of the World Trade Center, and her guess is as good as any as to when a permanent memorial to the victims will be built. Instead, Orr makes weekly trips to a virtual memorial - a Web site that, like thousands of others, sprang into existence in the days after Sept. 11 and continues to attract throngs of visitors each month. The steady stream of tributes deposited there by friends and strangers is, she says, a source of tangible comfort despite their electronic form - and because of it. http://www.iht.com/articles/70339.html ---------------------------------------------------- [13] Java flaws burn Internet Explorer By James Middleton [10-09-2002] Microsoft browser riddled with JVM vulnerabilities Security experts have issued warnings about vulnerabilities in the Java Virtual Machine (JVM) contained in the latest versions of Internet Explorer (IE). The flaws allow an attacker to deliver and execute arbitrary code on a victim's system when a hostile website or message is viewed in either IE or Outlook. Finnish security firm Online Solutions claims that it has found 10 different vulnerabilities in the JVM which it has reported to Microsoft. http://www.infomaticsonline.co.uk/News/1134931 ---------------------------------------------------- [14] Cybersecurity firms not profiting as expected BY BARBARA ROSE Chicago Tribune CHICAGO - Not long after last year's terror attacks, Tony Maier's phones at RedSky Technologies Inc. were ringing with inquiries about the company's "E-911" software, which pinpoints locations of employees dialing for help from inside large buildings. The Chicago company's sales continue to grow, but they've not met the expectations raised by a surge of interest in security and safety technology after the attacks. http://www.philly.com/mld/philly/business/4045290.htm ---------------------------------------------------- [15] Baltimore Cops Get Connected By John McCormick Online exclusive: The Baltimore City Police Department overhauled its infrastructure to keep its officers in touch. The result: a significant drop in crime. Police sergeant David Rosenblatt cruises downtown Baltimore, as he deals with property thefts, burglaries, and, on occasion, aggravated assaults. Rosenblatt doesn't have a partner in his patrol car; yet he never feels like he's riding alone. The Baltimore City Police Department has connected Rosenblatt and the other 3,000 members of its force to a sophisticated network of computer and communications equipment that keeps its cops in constant touch with each other, and provides a wealth of intelligence about the calls they're assigned to handle-information that improves both their safety and their ability to fight crime. http://www.baselinemag.com/article2/0,3959,525629,00.asp ---------------------------------------------------- [16] Microsoft buys security software company Wednesday 11 September 2002 Microsoft has acquired a small security software manufacturer as part of its continued drive to improve product security and reliability. The software giant has agreed to purchase all the assets of XDegrees for an undisclosed amount, according to a statement issued by the start-up software maker, which is based in California, USA. Some employees will relocate to Microsoft's headquarters, in Redmond, Washington. http://www.cw360.com/bin/bladerunner?REQUNIQ=1031743123&REQSESS=ri2YUY6&REQHOST= site1&2131REQEVENT=&CFLAV=1&CCAT=2&CCHAN=27&CARTI=115662 ---------------------------------------------------- [17] Exploring XML Encryption, Part 2 Implement an XML Encryption engine Bilal Siddiqui ([EMAIL PROTECTED]) CEO, WAP Monster August 2002 In this second installment, Bilal Siddiqui examines the usage model of XML Encryption with the help of a use case scenario. He presents a simple demo application, explaining how it uses the XML Encryption implementation. He then continues with his last implementation of XML Encryption and makes use of JCA/JCE classes to support cryptography. Finally, he briefly discusses the applications of XML Encryption in SOAP-based Web services. In Part 1 of this series, I gave an introduction to XML Encryption and its underlying syntax and processing. I examined the different tags and their respective use in XML encryption with a simple example of secure exchange of structured data, proposed a Java API for XML Encryption based on DOM, and gave a brief overview of cryptography in Java (JCA/JCE). I start my discussion in this part with an information exchange scenario, which demonstrates the use of XML encryption. http://www-106.ibm.com/developerworks/xml/library/x-encrypt2/ ---------------------------------------------------- _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site <http://www.iwar.org.uk> --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk