NIPC Daily Report 4 June 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures.
Social engineering attacks via IRC and Instant Messaging. The CERT/CC has received reports of social engineering attacks on users of Internet Relay Chat (IRC) and Instant Messaging (IM) services. Intruders trick unsuspecting users into downloading and executing malicious software, which allows the intruders to use the system as an attack platform for launching Distributed Denial-of-Service (DDoS) attacks. The reports to the CERT/CC indicate that tens of thousands of systems have recently been compromised in this manner. (CERT Incident Note IN-2002-03, http://www.cert.org/incident_notes/IN-2002-03.html) White House officials headline national cybersecurity tour. Richard Clarke, President Bush's special adviser for cyberspace security, and Howard Schmidt, vice chairman of the President's Critical Infrastructure Protection Board, have been touring the US headlining a series of "town hall" meetings designed to help develop a national strategy for cyberspace security. The tour will visit Portland, Ore., on 6 Jun and Atlanta on 18 Jun. "The national strategy that we hope will emerge...will represent the work of the military,...the work of state and local governments ...(and) the work of private companies on how [they are] planning to defend...cyberspace," Clarke told those who attended a recent Denver session. Cybersecurity is vital because the Internet is being used to manage critical applications--telecommunications, electricity supply, water systems, and others--for which it was never intended, said Clarke. Today, users of the Internet are vulnerable to fraud, identity theft, extortion, and industrial espionage. Computer attackers as young as teenagers have broken into systems that run everything from dams to air traffic control systems, he said. "Think what a nation-state (or an organized group) could do against us". Unlike past national security threats, however, we cannot simply rely on the military to defend all critical US cyber infrastructures. "What does that mean?" asks Clarke. "That means, for the first time, we have a national security threat where we can't ask the FBI or the Army to save us. We have to save ourselves, in partnership with the government." (Defense Week, 3 Jun) D.C. launches DC Atlas. Washington, D.C. will unveil an enterprise-wide, web-based mapping tool today, culling information from 67 city agencies and plopping it on the desktops of every government employee. "The fact is, it would take days, weeks, months to collect data to answer one simple question and now it can be done in a matter of minutes," said Adam Rubinson, senior director for special projects in the Office of the Chief Technology Officer (octo.dc.gov). With this new tool, city employees will be provided with a one-day training course and can access nearly 150 map layers containing demographic, geographic and socioeconomic data; including trees, streets, buildings and crime to make faster and better-informed decisions, Rubinson said. For example, by clicking on a hospital, users can find specific information such as the number of beds, mortality rates, utility information and permits issued. (Federal Computer Weekly, 3 Jun) Congestion wears on wireless overlapping networks causing interference. Gary Oglesby thought it was odd that his wireless network at WorldCom Inc. got unusually congested early each morning and again just after quitting time. Turns out a security gate at a parking lot just outside his group's office shared the network's frequency. Headsets and other gadgets using the Bluetooth standard, newer cordless phones and microwave-powered, energy-saving light bulbs share the 2.4 to 2.483.5 gigahertz frequency range used by Wi-Fi. Household microwave ovens use radio waves in that range to heat leftovers. Conflicts sometimes occur also at 902 to 928 megahertz, used by older cordless phones and some military radar. Ricochet Networks Inc. plans to launch a wireless service in major cities using that range as well. These frequencies are appealing because the government does not require licenses to use them. But no licenses also speak to the lack of an entity to coordinate. (CNN, 2 Jun) WWU Comment: The issue of overlapping frequencies caused by everyday pieces of equipment will become of greater concern and requires as much planning for conflicting interference as the layout of the network. Security penetrations as well as the jamming of these frequencies are possible with commercially available purchased items, which are easily set up and difficult to detect. All aspects of the use of wireless technology, including overlapping frequencies, encryption, and security are equally important when planning or installing a wireless network. Private plane charters: one way around air security. Passengers on private charter flights continue to bypass security screening at most U.S. airports. With private air charter increasing significantly, aviation officials and lawmakers are concerned that terrorist could charter these planes. Sen. Herb Kohl (D-Wis.), stated that " we've gone through the tremendous expense and inconvenience of trying to make airline flying as safe as possible, and at the same time we're missing the point entirely on the dangers of private aircraft," (Washington Post.com, 3 June ) Los Angeles to invest $132M in water security. The Los Angeles Department of Water and Power (LADWP) announced a $132 million wholesale upgrading of the city's safety and security system during a five-year investment. The funding will be used to tighten security across LADWP buildings and more than a dozen reservoirs, treatment plants and storage and transmission facilities located throughout Los Angeles, city officials said in a news release. New enhancements will include increased aerial and ground patrols, high-tech monitoring and video surveillance, barriers, sensors, alarms and a continuous distribution system-monitoring program that will alert LADWP water quality officials to irregularities in the water supply, officials said. (Watertechonline.com, 3 June) AOL plans secure AIM services. A new enterprise-strength version of AOL Instant Messenger (AIM) will soon offer confidentiality, while at the same time maintaining interoperability with AIM members who are consumer and/or corporate users. AOL will guarantee confidential IM'ing for the enterprise with Secure AIM Services, as the system will seamlessly issue security credentials and use them to ensure end-to-end delivery of IMs. Besides encryption, Secure AIM Services will log message exchanges for auditing and archiving. The system will also reconcile AOL screen names against a corporate directory, making users easy to recognize. (NewsFactor Network.com, 30 May) IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
