_________________________________________________________________ London, Monday, December 16, 2002 _________________________________________________________________
INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] Victims' families, union among powerful forces in homeland security [2] All eyes on Total Info Awareness [3] Threats move beyond Linux to Windows [4] U.S. widens leeway of CIA to kill terrorists [5] Ask Not What the Internet Can Do for You [6] 2003 forecast: Linux will eat Unix [7] Anti-terrorism threatens PC privacy [8] Angry Kuwaiti hacker launches cyber attack [9] Bugwatch: 'Tis the season to be careful [10] High-Tech Hack Attack Case Tests the Strength of Legal Ethics in an Electronic World [11] Forces to test text-mining tool [12] Home PC users to blame for virus outbreaks [13] Versar wins Navy integration work [14] E-government projects aim to simplify paperwork for feds [15] A Year-end Mailbag [16] Cobalt security patch creates new holes [17] IDC predicts strong security app sales [18] Top homeland security adviser to exit post [19] Ex-Defense officials form investment fund for small tech firms [20] Time for everyone to get serious about firewalls _________________________________________________________________ CURRENT THREAT LEVELS _________________________________________________________________ Electricity Sector Physical: Elevated (Yellow) Electricity Sector Cyber: Elevated (Yellow) Homeland Security Elevated (Yellow) DOE Security Condition: 3, modified NRC Security Level: III (Yellow) (3 of 5 _________________________________________________________________ News _________________________________________________________________ [1] Victims' families, union among powerful forces in homeland security By Siobhan Gorman, Sydney J. Freedberg Jr., and Peter H. Stone, National Journal New, amorphous, and far-reaching, homeland security is a possible target for every special interest in town-particularly those scavenging for federal dollars or trying to duck costly new regulations. The first taste of this intense lobbying came last month, when the Senate's homeland security bill nearly collapsed at the last minute under the weight of special-interest add-ons-financial breaks for everyone from pharmaceutical companies to Texas A&M University. The new Homeland Security Department will have a budget of nearly $37 billion and 170,000 employees from 22 different agencies. The big challenge for the department, and for Congress, will be to harness what threatens to become a lobbying free-for-all. Without careful congressional monitoring, says Frank Hoffman, who was a top aide to the Hart-Rudman Commission on terrorism, "I'm afraid the special interests will win every single time. If all the special interests get what they want, [the department] will turn out to be a placebo. There won't be any real safety, because there will be so many exceptions and so many holes." http://www.govexec.com/dailyfed/1202/121302nj1.htm ---------------------------------------------------- [2] All eyes on Total Info Awareness BY Dan Caterinicchia Dec. 16, 2002 Perhaps no project being developed as a result of the Sept. 11, 2001, terrorist attacks has caused such intense public scrutiny and debate as the Defense Advanced Research Projects Agency's Total Information Awareness (TIA) system. TIA, in theory, will enable national security analysts to detect, classify, track, understand and pre-empt terrorist attacks against the United States by spotting patterns using public and private transaction and surveillance methods. The system, parts of which are already operational, incorporates transactional data systems, including private credit card and travel records, biometric authentication technologies, intelligence data and automated virtual data repositories. Its goal is to create an "end-to-end, closed-loop system," to help military and intelligence analysts make decisions related to national security, said Robert Popp, deputy director of DARPA's Information Awareness Office (IAO), which is heading up the effort. http://www.fcw.com/fcw/articles/2002/1216/web-tia-12-16-02.asp ---------------------------------------------------- [3] Threats move beyond Linux to Windows By Scott Lowe MCSE, TechRepublic 10 December 2002 UNIX admins have been dealing with rootkits since the early 1990s, when the first ones to be discovered were exploiting SunOS 4 machines. Now, Windows admins must get up to speed, because rootkits are also being used to attack Windows NT and 2000 systems. Hackers can obtain user-level security privileges and install a rootkit, which is basically a collection of tools, to compromise a system or network. The rootkit will exploit a known system vulnerability or crack a password for a user with administrator-level privileges and will then cover the hacker's tracks, making them difficult to detect. The best way to protect your network against rootkits is to know how they work and what type of damage they can do. http://www.zdnet.com.au/newstech/security/story/0,2000024985,20270561,00 .htm ---------------------------------------------------- [4] U.S. widens leeway of CIA to kill terrorists James Risen and David Johnston/NYT The New York Times Monday, December 16, 2002 2 dozen targets put on authorized list if capture is impractical WASHINGTON The Bush administration has prepared a list of about two dozen terrorist leaders that the Central Intelligence Agency is authorized to kill if capture is impractical and civilian casualties can be minimized, senior military and intelligence officials said. The previously undisclosed CIA list of targets includes top leaders of Al Qaeda, like Osama bin Laden and his chief deputy, Ayman Zawahiri, and other principal figures from Al Qaeda and affiliated terrorist groups, the officials said. "It's the worst of the worst," one official said. President George W. Bush has provided written legal authority to the CIA to hunt down and kill the terrorists without seeking further approval each time the agency is about to start an operation. Some officials said the terrorist list was known as the "high-value target list." A spokesman for the White House declined to discuss the list or issues involving the use of lethal force against terrorists. A spokesman for the CIA also declined to comment on the list. http://www.iht.com/articles/80392.html ---------------------------------------------------- [5] Ask Not What the Internet Can Do for You Your role in national security by Bret A. Fausett New Architect January 2003 Not too many years ago, conversations about our nation's critical infrastructure would have revolved around the Interstate Highway System or the television and radio broadcast networks. Not so long before that, the same conversation would have centered on railroads. Times certainly change, and while we haven't abandoned many of the transit and distribution systems of the last century, we've become dependent on new ones, like the Internet. Because of the Internet's recent elevation to critical-infrastructure status, it is now the subject of a new national policy debate about how to secure it. This is a result of the increased awareness of security following the terrorist attacks of September 11 last year. Internet security and stability is now a key responsibility of the fledgling Department of Homeland Security. The focus of the current security debate is a new draft policy document called "The National Strategy to Secure Cyberspace" (www.whitehouse.gov/pcipb/). It was prepared by the President's Critical Infrastructure Protection Board, a group of government and private sector heavyweights appointed by President Bush to examine the state of network security today and to make recommendations for improvement. http://www.newarchitectmag.com/documents/s=7766/na0103h/index.html ---------------------------------------------------- [6] 2003 forecast: Linux will eat Unix 08:32 Friday 13th December 2002 Ed Frauenheim, CNET News.com Linux will take market share from Unix and IT spending will increase, but among IDC's more sobering precictions is that the Internet could be brought to its knees Among one technology researcher's predictions for 2003 is this sobering thought: A major cyberterrorism event will disrupt the economy and bring the Internet to its knees for at least a day or two. The event could take the form of a denial-of-service attack, a network intrusion or even a physical attack on key network assets, said John Gantz, chief research officer of IDC. Gantz spoke Thursday during a teleconference in which the research company laid out its annual forecast of technology developments for the coming year. http://news.zdnet.co.uk/story/0,,t278-s2127480,00.html ---------------------------------------------------- [7] Anti-terrorism threatens PC privacy [MacUser] 13:47 US President George Bush has approved a bill to boost US national security that threatens the privacy of computer users around the world. The full extent of the new arm of the US government - called the Department of Homeland Security - is still being determined, but it will ensure that computer operating systems, hardware, data and the Internet are secure. The US government will be able to access these computer systems to fulfil its remit of protecting national security. Industry experts suggest the ramifications of this agency are huge. 'What kind of control will the US government have over the development of commercial computer operating systems so it can access private information under the guise of "national security"?' said Marc Rotenberg, the director of the Electronic Privacy Information Center. http://www.pcpro.co.uk/?http://www.pcpro.co.uk/news/news_story.php?id=36 273 ---------------------------------------------------- [8] Angry Kuwaiti hacker launches cyber attack JACK FAIRWEATHER IN KUWAIT CITY A YOUNG Kuwaiti computer hacker was being hailed yesterday as a hero for causing the collapse of the Iraqi information ministry web site after loading it with viruses The hacker, 19, known by his computer name of Koko, launched his cyber attack after becoming incensed by a speech by Saddam Hussein last weekend in which the Iraqi leader offered an "apology" for the 1990 invasion of Kuwait. http://www.thescotsman.co.uk/international.cfm?id=1387132002 ---------------------------------------------------- [9] Bugwatch: 'Tis the season to be careful By Donal Casey, anti-virus specialist, Integralis [11-12-2002] Don't lower your guard this Christmas Each week vnunet.com asks a different expert from the antivirus world to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week Donal Casey, antivirus specialist at Integralis, warns of the dangers of complacency as the festive season nears. As Christmas approaches, many IT security personnel are bracing themselves for a hike in personal internet usage as staff log onto e-cards, online shopping facilities and web mail sites to organise their festivities and send greetings to loved ones. http://www.pcw.co.uk/News/1137519 ---------------------------------------------------- [10] High-Tech Hack Attack Case Tests the Strength of Legal Ethics in an Electronic World By The Lawyer's Column Washington Post Staff Writer Monday, December 16, 2002; Page E04 When you think of computer hacking, the stereotypical suspects who come to mind are pimple-faced, pocket-protected teenagers who crack code for kicks. Think Matthew Broderick as the teen hacker in the 1983 film "War Games." Now picture the computer hacker in pinstriped, double-breasted suits on billable hours. Would you believe that a respected law firm, corporate defense attorneys in Dallas and Washington, a petrochemical company, and an industry trade association now stand accused of illegally breaking into the Web site of an expert trial witness? http://www.washingtonpost.com/wp-dyn/articles/A55951-2002Dec14.html ---------------------------------------------------- [11] Forces to test text-mining tool BY Dan Caterinicchia Dec. 16, 2002 As part of an upcoming war games experiment focused on information sharing among coalition partners, U.S. Joint Forces Command will test a text-mining technology that quickly combs through millions of documents in numerous languages. The tool is intended to help analysts identify relationships among targeted people, places and events. The Multinational Limited Objective Experiment 2 is scheduled for Feb. 10-28, 2003, and includes Australia, Canada, Germany and the United Kingdom. It will explore security issues with the goal of examining how to build an operational net assessment (ONA) in a distributed, collaborative environment, according to Joint Forces Command officials http://www.fcw.com/fcw/articles/2002/1216/web-jfc-12-16-02.asp ---------------------------------------------------- [12] Home PC users to blame for virus outbreaks Double the trouble of last year... The proportion of emails containing viruses has almost doubled year-on-year, and the blame is being laid at the door of home users. Virus-scanning firm MessageLabs said it stopped 9.3 million viruses in two billion emails this year, which equated to one virus in every 215 emails. This is compared to 1.8 million viruses stopped in 718 million emails in 2001, or one virus in every 398 emails. According to the report, which measured results up to the end of the second week of December, the most active virus was Klez.H with 4.9 million copies stopped by MessageLabs. Yaha.E came second with 1.1 million copies, then it was Bugbear.A with 842,333. http://www.silicon.com/bin/bladerunner?30REQEVENT=&REQAUTH=21046&14001RE QSUB=REQINT1=56816 ---------------------------------------------------- [13] Versar wins Navy integration work BY Matthew French Dec. 13, 2002 Versar Inc. announced Dec. 12 that the Navy has awarded the company a $6.5 million, five-year contract for systems integration work. The initial work under the contract will support the integration of network-centric data management systems at military test and training ranges in the United States using Versar's Next Generation Management Information System. http://www.fcw.com/fcw/articles/2002/1209/web-navy-12-13-02.asp ---------------------------------------------------- [14] E-government projects aim to simplify paperwork for feds By Amelia Gruber Some of the administration's e-government initiatives will put pay and other human resources information online, making life much easier for federal employees, an Office of Management and Budget official said Friday. At least six of the administration's 24 e-government initiatives will put electronic training, travel, records management and payroll resources at workers' fingertips, according to Mark Forman, associate director of information technology and e-government at OMB, speaking at an e-government conference on Friday. The initiatives aimed at federal workers will also include a one-stop recruitment center and information on simplifying the acquisitions process. The goal is to "simplify and unify" internal agency procedures that have become inefficient, Forman said. New hires would no longer have to fill out 15 or more forms asking for overlapping, redundant information, he said. And workers could complete training from their desks, which would cost less than if agencies sent employees to courses outside the agency. http://www.govexec.com/dailyfed/1202/121302a1.htm ---------------------------------------------------- [15] A Year-end Mailbag "Why are you rambling?," and other feedback received by your anti-virus columnist. By George Smith Dec 15, 2002 As the end of the year approaches, it's time to turn the column over to some outside grumbling, and expose scabs that regular readers of these essays say need repeated picking. Nick B., a sysadmin of a network of some national repute, writes to say he'd like to see some different -- more real -- figures attributed to losses due to computer virus-related troubles. So I called upon him to don his thinking cap for a minute and indulge me as chairman for a day of Economics-Schmeckonomics, a high-tech risk assessment firm I concocted to lend realism to the exercise. Nick reckoned he could be as accurate as anyone from anti-virus PR firms in supplying numbers and I agreed. It turns out losses at Nick's enterprise are spread over a wide range of things: "imperfectly preventing viruses from coming in," hard disk failure (about "seven percent on our network" per annum) and other garden-variety pests. One of these was the brain sinkhole known as the JDBMGR.EXE hoax, a fake virus warning that mercilessly spawns phone calls from users who have balled up something by following its bogus instructions for removal. http://online.securityfocus.com/columnists/130 ---------------------------------------------------- [16] Cobalt security patch creates new holes By John Leyden Posted: 13/12/2002 at 15:19 GMT A security-hardening patch for Sun Cobalt appliances causes more problems than it solves, the company admits. Instal the SHP (Security Hardening Patch) on Cobalt RaQ 4 server applianc and you make it vulnerable to attacks from crackers who could run arbitrary code on the appliances with root privileges, Sun warns in a notice issued this week. http://www.theregister.co.uk/content/55/28565.html ---------------------------------------------------- [17] IDC predicts strong security app sales By ComputerWire Posted: 16/12/2002 at 09:44 GMT Market forecasts made by researchers with International Data Corp suggest that integrated hardware appliances will next year become the primary purchase target for enterprises buying security software. The firewall/virtual private network (VPN) security appliance market maintained a healthy growth rate of 34% from 2000 to 2001 and exceeded the $1bn mark in vendor revenue, the market researchers report. Netscreen Technologies Inc, SonicWall Inc, Cisco Systems Inc and Nokia Internet Communications all sell high-speed integrated security appliances that host a variety of Virtual Private Network (VPN), firewall, anti-virus or content-filtering applications in a single unit. WatchGuard Technologies Inc also figures in the sector after it acquired RapidStream Inc, another supplier of high-speed security appliances. http://www.theregister.co.uk/content/55/28576.html ---------------------------------------------------- [18] Top homeland security adviser to exit post >From National Journal's Technology Daily Mark Holman, who has been a close, long-time aide to White House Homeland Security Adviser Tom Ridge, is leaving his post as deputy assistant for Homeland Security at the end of the year, Influence Online reported. Holman is returning to the Washington office of Blank Rome Consulting, a lobbying unit of Philadelphia law firm Blank Rome Comisky & McCauley. Holman worked for Ridge for almost two decades, as chief of staff for then-Rep. Ridge, R-Pa., from 1983 to 1991, and then as chief of staff for Ridge when he was governor of Pennsylvania. http://www.govexec.com/dailyfed/1202/121302td2.htm ---------------------------------------------------- [19] Ex-Defense officials form investment fund for small tech firms By William New, National Journal's Technology Daily A team of veterans of the defense community is forming a venture-capital fund designed to address the gap between small commercial technology firms and the government's needs for military and homeland security goals. "You have a discontinuity between how the government and commercial world operate," said David Oliver, a former Defense Department acquisitions officer who now heads his own consulting firm in Alexandria, Va. "We are trying to bring to government's attention things that are technological advantages" and make a profit at the same time. Oliver said in an interview that the private sector has many great technologies, but it is "really hard" to place technologies properly within government. The trick is to match the technology with the person in government who needs it and who is willing to accept it, he said. http://www.govexec.com/dailyfed/1202/121302td1.htm ---------------------------------------------------- [20] Time for everyone to get serious about firewalls By Hiawatha Bray, Globe Staff, 12/16/2002 here's nothing like getting a computer for Christmas - especially if it's somebody else's. If your machine's on the Internet, it's under near-constant attack from people who'd like to ''own'' it. And if some digital crook can read all of your files or install a piece of rogue software on your machine, you might as well give him the sales receipt as well. Everybody frets about viruses, rightly enough. But computer users are only just starting to get serious about protecting their machines from network intruders. Firewalls - software programs that analyze and regulate exchanges of data between your computer and the Internet - aren't a foolproof solution, but they are a minimal requirement for safe surfing. Yet millions of us don't use them, even as they become cheaper, simpler, and more desperately needed. http://www.boston.com/dailyglobe2/350/business/Time_for_everyone_to_get_ serious_about_firewalls+.shtml _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ ------------------------------------------------------------------------ 'Information is the currency of victory on the battlefield.' GEN Gordon Sullivan, CSA (1993) ------------------------------------------------------------------------ Wanja Eric Naef Principal Researcher IWS - The Information Warfare Site http://www.iwar.org.uk ------------------------------------------------------------------------ Join the IWS Infocon Mailing List @ http://www.iwar.org.uk/general/mailinglist.htm ------------------------------------------------------------------------ To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk