NIPC Daily Report 03 April 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures.
US to issue more secure passports. The State Department unveiled a new "state-of-the-art" passport designed to prevent misuse of American passports by terrorists. Effective April 8, all newly issued US passports will have enhanced security features, the most prominent being the use of digital photos. For security reasons, the State Department declines to elaborate on other enhancements. The technology needed to issue the new passports is not yet available at US embassies and consulates abroad, so overseas passport issuance is being transferred to the National Passport Processing Center in Portsmouth, New Hampshire. (CNN, 2 April) WWU Comment: With the seeming ease at which terrorists have been falsifying official US documentation, this step toward a more secure records procedure is a step in the right direction. The possibility does exist that the current official passports could still be in use by terrorists and others that wish to do harm to the US. FTC Canada and some states join fight against Internet e-mail fraud. The Federal Trade Commission (FTC), joined by the FBI and several state and some Canadian agencies, is cracking down on spam and fraud on the Web. Sixty-three cases have been brought against Internet spammers in the last six months. The FTC said it will warnings against hundreds more. "The FTC and its law enforcement partners are sending a signal to scammers: We're out there surfing the Net, reading our spam and working together to stop Internet scams," said J. Howard Beales III, director of the FTC's Bureau of Consumer Protection. Called International Netforce, the initiative is intended to stop the activities, freeze assets, and press criminal charges against people and companies that commit fraud over the Internet. (Computer World, 2 Apr) Spreading the safety net. Spurred by the events of 11 September 2001, some companies have been decentralizing their technical resources. Business continuity can be strengthened through distribution - moving information and computing power away from the central office so business can get back up and running relatively quickly. Distributing resources to offsite locations also helps employees access the information and applications they need during a disaster or business interruption. Common forms of distribution for business continuity include offsite storage, data backup, and distributed datacenters with processing power available. There are drawbacks to distribution. Backups must be accessible, and they must be tested to ensure information is being recorded accurately. Spreading resources too thin can also harm a business continuity plan. Over all, decentralization decreases the risk of a single incident disrupting all business. (InfoWorld, 29 Mar 02) Guard takes part in security exercise. The Army National Guard took part earlier this month in a homeland security exercise, providing its intranet, known as GuardNet, to allow public safety agencies and National Guard personnel to coordinate their response to simulated terrorists acts in cities nationwide. GuardNet served as the backbone for the Domestic Emergency Response Information Service, an information portal for federal, state and local personnel responding to emergencies. The service is designed to link first responders to existing information resources and networks. The exercise scenario allowed the responders to "come as you are" with various technologies, from handheld devices to laptops, and still be able to share information with one other and to access their base resources. The goal was to eliminate communication as the hardship. The biggest obstacle was working through the firewalls and intrusion-detection systems of the various agencies, which took two to three hours in some cases. That time is expected to decrease as collaboration and cooperation increase in the future. (Federal Computer Week, 01 Apr) DISA seeks detection system. The Defense Information Systems Agency last week announced plans to work with a civilian contractor to develop a system to help detect, analyze and defend against cyberattacks across Defense Department networks. In a March 27 notice, DISA officials said the department needed a system to "monitor and analyze the immense amounts of computer traffic and detect the missions of hacker attacks and denial-of-service attacks launched against DISA's Global Information Grid daily." The grid includes unclassified and classified DOD networks worldwide. Numerous individual defense organizations already have intrusion-detection systems on their networks, but DOD has only just begun integrating such protection across the department. (Federal Computer Week, 01 Apr) Windows Media Player vulnerability. Security experts believe malicious virus writers who are now all but shut out of attacking another Microsoft product, Outlook 2002, could soon target Windows Media Player. They have discovered that the program allows malicious hackers to easily bypass Outlook's new security features, which block delivery of dangerous e-mailed attachments and turn off active scripting by default. A downloadable security update from Microsoft adds the same protections to Outlook 2000. The experts say HTML-formatted e-mail containing code identified as a file that Media Player "trusts" can be embedded in an e-mail, which Outlook will then automatically allow the player to execute. "Bad guys will keep looking for a way into a system. If they think Outlook is harder to get into, they'll try something else like WMP," said Richard Forno, chief technology officer at Shadowlogic, said. "They'll keep turning doorknobs until they can exploit something." (Wired.com News, 27 Mar 02) IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
