NIPC Daily Report 12 June, 2002 The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures.
DoD software acquisition strategy. In hopes of closing security holes in software acquisitions, beginning July 1, the Defense Department will require a broad group of commercial software suppliers to evaluate their products using a standard known as Common Criteria (CC). The CC not only focuses on information assurance products; such as firewalls or intrusion-detection systems, but "information assurance-enabled products" such as Web browsers, operating systems and databases as well. According to DOD, products that fail to pass CC muster, will not be purchased by the department. (Federal Computer Week, 10 Jun) Congress to Examine Domain Name Co. Congress is taking a look at the California company that administers Internet addresses after critics said it is too slow to address security holes and should be more closely regulated. The Internet Corporation for Assigned Names and Numbers, or ICANN, governs the system that translates common Web site addresses into strings of numbers understood by computers. Testimony prepared for a Senate committee hearing, and obtained by The Associated Press, says the Commerce Department has not taken a strong enough role in overseeing the company. ICANN gained control of the Internet's domain name system through a 1998 agreement with the Commerce Department. But the deal was only supposed to be a transition, and control was supposed to be ceded to another private company or organization in 2000. ICANN has been fraught with infighting and delays, and the deal was extended to September of this year. The company has governed the creation of new domain names, such as .info and .name, and created more competition in domain name sales. (AP Technology, 12 Jun) Summit addresses threats to cyberspace. On 10 June, political, industry, and academic leaders stressed the need for cooperation in order to prevent domestic and international attacks on the nation's information networks at the third Networked Economy Summit, which was hosted by George Mason University. Richard A. Clarke, special adviser to the president for cyberspace security said, "The threats to cyberspace, and there are many, cannot be handled only by the military or the government. All of us own a piece of cyberspace, so all of us must act to secure cyberspace." Clarke said that by mid-September, his office, along with the Office of Homeland Security would be presenting the president with a National Strategy to Secure Cyberspace, compiled from the advice of different sectors of society. (Washington Post, 11 Jun) Colorado wildfires knock out high-voltage lines. The wildfires blazing in Colorado have knocked out high-voltage power lines and forced utility Xcel Energy Inc. to shut down lines in fire areas to prevent more damage. The fires so far have not cut power deliveries to Xcel's transmission customers because the utility has been able to re-route electricity around the blazes, said Mark Stutz, a spokesman for Xcel. Some customers who get their power from low-voltage distribution systems, however, have lost power. Xcel provides power to about 75 percent of Colorado's consumers. The 77,000 acre (31,162-hectare) fire, located about 55 miles southwest of Denver, damaged a 230 kilovolt Tarryall-to-Daniels Park transmission line Sunday night and forced it off the grid. The blaze also knocked out a 115 kv Tarryall-to- Divide line west of Colorado Springs. Another 69 kv transmission cable near Grand Junction in western Colorado was burned and a 69 kv line running from a hydroelectric power plant near Glenwood Springs was shut off for safety reasons. The Western Electricity Coordinating Council in Salt Lake City, Utah is keeping a close eye on the Colorado fires, but thus far the state's grid is not threatened. (Reuters, 11 Jun) FHWA awards a tech services pact. The Federal Highway Administration has awarded a 10-year, $175 million contract to Indus Corp. to secure the agency 's databases. Under the Federal Highway Administration Information Technology Support Services contract, Indus will also help the agency with its enterprise architecture, network infrastructure, help desk, document management and telecommunications services. (GCN.com, 11 Jun) ~dmh IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
