_________________________________________________________________ London, Monday, November 04, 2002 _________________________________________________________________
INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] FBI director says industry must do more to prevent cyberattacks [2] Agencies, companies urged to set guidelines for fighting cyberterrorism [3] Root-Server Attack Traced to South Korea, U.S. [4] Personal data travels far [5] Microsoft dodges bullet [6] But some shut their Windows [7] Open source courses through DOD [8] European police say they can't keep up with cyber criminals [9] Feds pursue secrecy for corporate victims of hacking [10] SPAMMER HAMMERED BY VERIZON BAN [11] Scary Movie [12] IG: State Department flunks systems security [13] U.S. fears terrorists will imitate snipers [14] State CIOs see accord with feds [15] 'Sensitive' label strikes nerve [16] How to get certified security for Win2k, by Microsoft [17] Proof Win2K is still insecure by design [18] Pentagon completes 'playbooks' for terrorism scenarios [19] A New Cryptography Uses the Quirks of Photon Streams [20] U.S. should fund R&D for secure Internet protocols, Clarke says [21] New worm aims to infest Australian systems [22] New Wi-Fi security would do little for public 'hot spots' [23] Popular Linksys Router Vulnerable to Attack _________________________________________________________________ News _________________________________________________________________ [1] FBI director says industry must do more to prevent cyberattacks By Shane Harris FBI Director Robert Mueller Thursday implored industry technology executives to do a better job securing the Internet and other data networks by reporting incidences of online crime to the bureau. "You're not enabling us to do [our] job" by withholding reports about criminals who successfully penetrate companies' data networks or attack their systems, Mueller told those attending a Falls Church, Va. forum on combating online crime and cyberterrorism. Corporations are reluctant to report such attacks to law enforcement agencies for fear of revealing their systems' vulnerabilities. They worry the information could give competitors an edge, or invite more attacks by criminals once they discover the weaknesses. http://www.govexec.com/dailyfed/1002/103102h1.htm FBI seeks help vs. Cybercrime http://www.fcw.com/fcw/articles/2002/1028/web-fbi-11-01-02.asp ---------------------------------------------------- [2] Agencies, companies urged to set guidelines for fighting cyberterrorism By Molly M. Peterson, National Journal's Technology Daily The war on cyberterrorism requires law enforcement agencies and the private sector to develop guidelines and protocols for sharing information about network vulnerabilities and cyber attacks, government and industry leaders said Thursday. "Face-to-face relationships are great, but we need to go beyond that," Chris Painter, deputy chief of the Justice Department's Computer Crime and Intellectual Property Section (CCIPS), said during a cyber-security forum at Computer Sciences Corp. headquarters in Falls Church, Va. Painter led one of several workshops in which law enforcement and private-sector officials discussed obstacles to information sharing. Conference organizers said they closed those workshops to the media in order to encourage participants to discuss problems and ideas with as much candor as possible. http://www.govexec.com/dailyfed/1102/110102td1.htm ---------------------------------------------------- [3] Root-Server Attack Traced to South Korea, U.S. By Brian Krebs washingtonpost.com Staff Writer Thursday, October 31, 2002; 3:30 PM Last week's attacks on the Internet's backbone likely emanated from computers in the United States and South Korea, FBI Director Robert Mueller today said. "The investigation is ongoing," Mueller said at an Internet security conference in Falls Church, Va. He did not offer more details on the investigation, nor did he outline the evidence investigators have gathered so far. http://www.washingtonpost.com/wp-dyn/articles/A46872-2002Oct31.html ---------------------------------------------------- [4] Personal data travels far BY William Matthews Nov. 1, 2002 Technology is making it much easier for government agencies to share information, so they are -- including details about your bank accounts, medical complaints and family lives. Personal information from an electronic application for a student loan, for example, may be transmitted to 10 other government agencies and private entities such as consumer reporting agencies, schools and lawyers. http://www.fcw.com/fcw/articles/2002/1028/web-privacy-11-01-02.asp ---------------------------------------------------- [5] Microsoft dodges bullet Steve Lohr The New York Times Monday, November 4, 2002 NEW YORK When the federal government and 20 states filed their sweeping antitrust suit against Microsoft in May 1998, the company dominated the personal computer business and was aggressively moving into the neighboring markets of software for handheld computers, cell phones, television set-top boxes and big data-serving computers. It still is, more than four years later. And there is little in the ruling Friday on sanctions in the Microsoft case, by Judge Colleen Kollar-Kotelly of U.S. District Court, that will slow down the big software maker. http://www.iht.com/articles/75644.html ---------------------------------------------------- [6] But some shut their Windows Ariana Eunjung Cha The Washington Post Monday, November 4, 2002 MERIDA, Spain Luis Millan Vazquez de Miguel, a college professor turned politician, is succeeding where multibillion-dollar multinational corporations have failed. He is managing to unseat Microsoft Corp. as the dominant player in the software industry, at least in his little part of the world. Vazquez de Miguel is the minister of education, science and technology in Extremadura, a rural western region of Spain made up of expanses of olive trees and small towns and villages with a total of 1.1 million inhabitants. In April, the government began an unorthodox campaign to convert all the area's computer systems, in government offices, businesses and homes, from the Windows operating system to Linux, a free alternative. Already, Vazquez de Miguel said, more than 10,000 desktop machines have been switched, with 100,000 more scheduled for conversion in the next year. Organizers regard the drive as a low-cost way to bring technology to the masses in the relatively poor region. ''We are the future,'' he said. ''If Microsoft doesn't become more open and generous with its code, people will stop using it, and it will disappear.'' Extremadura is being closely watched by Linux enthusiasts and Microsoft to see how it manages the transition. Such efforts are likely to become the next front in the battle to steal market share from Microsoft now that a federal judge has approved a settlement in its antitrust case in the United States. http://www.iht.com/articles/75669.html ---------------------------------------------------- [7] Open source courses through DOD BY Dan Caterinicchia Nov. 1, 2002 What would happen if open source software were banned in the Defense Department? A recent study conducted by Mitre Corp. for DOD posed that hypothetical question and found this answer: The department's cybersecurity capabilities would be crippled and other areas would be severely impacted. Mitre Corp. was asked to develop a listing of open-source software applications at DOD and to collect representative examples of how those applications are being used. Over a two-week period, an e-mailed survey identified 115 applications and 251 examples of use, and Mitre's report acknowledged that actual use could be "tens of thousands of times larger than the number of examples identified." http://www.fcw.com/fcw/articles/2002/1028/web-open-11-01-02.asp ---------------------------------------------------- [8] European police say they can't keep up with cyber criminals LONDON (Reuters) - Europe is losing out in its fight against cybercrime, a top law enforcement official said on Friday. "With cybercrime, it's become so obvious that we've lost the battle even before we've begun to fight. We can't keep up," Rolf Hegel, head of Europol's serious crime department, told the Compsec 2002 computer security conference here. The broad threat of cybercrime has puzzled police forces around the world for years. And now there is mounting evidence that organized criminal groups are using new technologies to commit everyday crimes and some new ones. http://www.usatoday.com/tech/news/computersecurity/2002-11-01-europe-cyb ercrime_x.htm ---------------------------------------------------- [9] Feds pursue secrecy for corporate victims of hacking Copyright C 2002 By TED BRIDIS, Associated Press WASHINGTON (October 31, 2002 6:36 p.m. EST) - Senior law enforcement officials assured technology executives Thursday that government will increasingly work to keep secret the names of companies that become victims to major hacking crimes, along with any sensitive corporate disclosures that could prove embarrassing. The effort, described at a cybercrime conference in northern Virginia, is designed to encourage businesses to report such attacks and build public confidence in Internet security. Officials promised to use legal mechanisms, such as protective orders and sealed court filings, to shield corporate hacking victims from bad publicity. http://www.nandotimes.com/technology/story/601028p-4652104c.html See also http://www.usatoday.com/tech/news/computersecurity/2002-11-01-hacking-vi ctims_x.htm ---------------------------------------------------- [10] SPAMMER HAMMERED BY VERIZON BAN By SAM SMITH November 3, 2002 -- Junk e-mailer Alan M. Ralsky has had his wings clipped. The man The Post recently identified as one of the 10 most notorious junk e-mailers in the world, agreed to change his spamming ways last week in a settlement with Verizon Internet Services. Ralsky, who boasted to The Post prior to the settlement that he saw "nothing but growth" for his business, is now banned from Verizon's vast Internet system. The Chicago-based e-mailer told The Post he routinely sent out 30 million junk e-mails per day. http://www.nypost.com/news/regionalnews/61193.htm ---------------------------------------------------- [11] Scary Movie Hollywood's creative geniuses have launched a new horror genre: the computer virus slasher film. How did we live without this? By George Smith Nov 04, 2002 On Halloween, "The Mangler 2.0" virus took over my TV. It's a horror movie from Artisan Entertainment now available on VHS and DVD. The screenplay was written in nine whole days, bragged the credits. It was just like real life. First off, there is this rich girl, Jo. She's angry at her never-home pop so she puts a virus into his corporate network. You can tell she knows that what she's doing is wrong even while driven by the evil compulsion. It's the purple lipstick, invasion of company property after midnight and the cat-burglar wear that give it away. http://online.securityfocus.com/columnists/121 ---------------------------------------------------- [12] IG: State Department flunks systems security By Wilson P. Dizard III GCN Staff The State Department's information system security remains weak a year after the department was told of serious flaws, according to a recent report by the State inspector general's office. The IG reviewed system security in accordance with the Government Information Security Reform Act, which calls for annual reviews. Even though State made a plan for certifying and accrediting its systems, it has no timetable, according to the IG. http://www.gcn.com/vol1_no1/daily-updates/20398-1.html ---------------------------------------------------- [13] U.S. fears terrorists will imitate snipers By George C. Wilson, National Journal The U.S. intelligence net has caught terrorists abroad talking admiringly over the past several days about the sniper attacks that paralyzed much of the Washington area in October, and this has raised fears within the government that Islamic extremists will deploy snipers to other American cities soon, U.S. officials have told National Journal. "Terrorists in general engage in cross-group learning," said one official knowledgeable about the recent overseas discussions of the sniper attacks. They "take note of how we react to calamities, like other terrorists attacks." They saw how "two men with a rifle" shooting out of a $250 used Chevrolet "occupied the entire region, resulting in significant disruption of daily activities," the official said. "This has no doubt given ideas to terrorists." If President Bush does wage war against Iraq, it could trigger sniper attacks against Americans in a number of cities, officials warned. If this happened, American civilians would find themselves in greater personal danger from warfare than at any other time since the Civil War. Back then, armies swirled around civilians and sometimes deliberately destroyed their property, as in Union Gen. William Tecumseh Sherman's fiery march through the South in 1864. http://www.govexec.com/dailyfed/1102/110102nj2.htm ---------------------------------------------------- [14] State CIOs see accord with feds BY Dibya Sarkar Nov. 1, 2002 The keynote speeches of two senior White House officials signaled a "rhetorical alignment" between the federal and state governments on homeland security, e-government and other issues, several state chief information officers acknowledged. But they said that officials must now move beyond that. Governments need to produce "actionable plans" on these issues, said Gerry Wethington, Missouri's CIO and new president of the National Association of State Chief Information Officers, during a roundtable discussion at NASCIO's annual conference in St. Louis this week. http://www.fcw.com/geb/articles/2002/1028/web-state-11-01-02.asp ---------------------------------------------------- [15] 'Sensitive' label strikes nerve BY William Matthews Oct. 31, 2002 Presidents from three prestigious government science academies have urged the Bush administration not to declare information "sensitive but unclassified" and withhold it from the public. During the past year, dozens of federal agencies have adopted informal policies of suppressing information that they think could be helpful to terrorists planning attacks against the United States. And since summer, the Office of Management and Budget has been considering whether to adopt a formal policy for withholding sensitive information. http://www.fcw.com/fcw/articles/2002/1028/web-info-10-31-02.asp ---------------------------------------------------- [16] How to get certified security for Win2k, by Microsoft By John Lettice Posted: 31/10/2002 at 17:52 GMT Windows users whose spirits lifted at this week's announcement of Common Criteria certification* for Microsoft's Windows 2000 would do well to take a look at some of the assumptions and restrictions associated with the tested system. While perhaps not as extreme as when NT passed Orange book certification so long as it wasn't connected to a network, these do seem just a little restrictive and artificial. http://www.theregister.co.uk/content/55/27877.html ---------------------------------------------------- [17] Proof Win2K is still insecure by design By John Leyden Posted: 31/10/2002 at 15:40 GMT A day after boasting that Windows 2000 has won Common Criteria security certification, Microsoft was yesterday obliged to warn of two nasty vulnerability affecting, er, Windows 2000. The timing couldn't be more embarrassing for Redmond but, let's face it, the appearance of more bugs in Win2K (or IE, WinXP etc.) is hardly much of a surprise. First up and more seriously, a buffer overflow flaw has been unearthed involving Microsoft's implementation of Point-to-Point Tunnelling Protocol (PPTP), a Virtual Private Networking technology natively supported within Windows 2000 and Windows XP. PPTP support is an optional component in Windows NT 4.0, Windows 98, Windows 98SE, and Windows ME. http://www.theregister.co.uk/content/55/27874.html ---------------------------------------------------- [18] Pentagon completes 'playbooks' for terrorism scenarios By Bryan Bender, Global Security Newswire The Defense Department has completed a set of "playbooks" outlining how government authorities should deal with a variety of terrorist and other scenarios involving weapons of mass destruction and mass casualties, according to a senior Pentagon official. Stephen Younger, director of the Pentagon's Defense Threat Reduction Agency, said yesterday the series of response plans-first ordered during the Clinton administration-have been approved and are being circulated among key government agencies. The playbooks are designed to "identify the hard problems" in dealing with a catastrophic terrorist attack, he told a nuclear, chemical, and biological defense conference sponsored by Aviation Week. http://www.govexec.com/dailyfed/1102/110102gsn1.htm ---------------------------------------------------- [19] A New Cryptography Uses the Quirks of Photon Streams By JOHN MARKOFF The quirky world of quantum physics, where mathematical elements can hold multiple values and objects can be in several places at once, is heading toward commercial products. A start-up company, MagiQ Technologies, plans to announce today a cryptogaphy - or code - system that uses a technology called quantum key distribution to thwart eavesdropping on a fiber optic communication channel. The company, based in New York, says it has a working model of its system and will have a commercial version available in the second half of next year. http://www.nytimes.com/2002/11/04/technology/04QUAN.html?ex=1037077200&e n=4c97eb506661bf4f&ei=5040&partner=MOREOVER ---------------------------------------------------- [20] U.S. should fund R&D for secure Internet protocols, Clarke says By William Jackson GCN Staff Presidential cybersecurity advisor Richard Clarke today renewed his call for government funding to support R&D for more secure Internet protocols. Clarke told reporters that security and reliability of the basic protocols underlying the Internet have not received enough attention because no one has a proprietary interest in them. http://www.gcn.com/vol1_no1/daily-updates/20382-1.html ---------------------------------------------------- [21] New worm aims to infest Australian systems By Patrick Gray, ZDNet Australia 01 November 2002 An Internet worm, posing as an anti-virus update arriving in an email, is also using peer to peer (P2P) software to spread. The Merkur worm, aka W32.HLLW.Merkur@mm arrives in email form with the subject "Update your Anti-virus Software" and has an attachment named "Taskman.exe". The worm relies solely on the recipient being fooled into running the attachment to spread. http://www.zdnet.com.au/newstech/security/story/0,2000024985,20269585,00 .htm ---------------------------------------------------- [22] New Wi-Fi security would do little for public 'hot spots' By BOB BREWIN OCTOBER 31, 2002 The new security features that wireless LAN vendors plan to build into products under the Wireless Protected Access (WPA) program will do little to protect enterprise or individual users in the booming Wi-Fi public-access "hot spot" market. http://www.computerworld.com/securitytopics/security/story/0,10801,75535 ,00.html ---------------------------------------------------- [23] Popular Linksys Router Vulnerable to Attack By Dennis Fisher A denial-of-service vulnerability in one of the most popular cable and DSL routers allows an attacker to crash the router from a remote location. The Linksys Group Inc.'s BEFSR41 EtherFast Cable/DSL Router with 4-Port Switch is vulnerable to a remote DoS attack that requires the attacker to do nothing more than access a specific script on the router's remote management interface. The vulnerability affects all of the routers with firmware versions earlier than 1.42.7. http://www.eweek.com/article2/0,3959,663801,00.asp ---------------------------------------------------- _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site <http://www.iwar.org.uk> --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk