London, Wednesday, September 11, 2002

                                INFOCON News

                            IWS - The Information Warfare Site


                               IWS Sponsor

IQPC Defence Conference: Information Operations 2002 25-26/09/02

Information Operations 2002: Analysing development in defensive and
offensive information operations, critical infrastructure protection,
information assurance and perception management.

September 25 - 26, 2002. London, UK (Pre-Conference Masterclass:
24th September 2002)

Information Operations 2002 Conference Web Site


                              [News Index]

[1] Experts Say Attack Anniversary Cyberthreats Unfounded
[2] F-Secure Virus Descriptions: Chet Worm
[3] TSA chief: Don't ease airport security deadlines
[4] Insecurity plagues US emergency alert system
[5] AltaVista and Google to fight Chinese censorship

[6] NIPC: "Possible Threats to U.S. Interests"
[7] Energy Utilities Ramp Up Security
[8] Comment: Clued-up staff preserve evidence
[9] Script Kiddies 2002 - A continued threat to online business
[10] Focus on Iran and Syria, Not Iraq, Graham Says

[11] Intel's new chip for security Renaissance
[12] Solace in a virtual world: Memorials on the Web
[13] Java flaws burn Internet Explorer
[14] Cybersecurity firms not profiting as expected
[15] Baltimore Cops Get Connected

[16] Microsoft buys security software company
[17] Exploring XML Encryption, Part 2



``If Osama was going to double-click us to death he would have done it six weeks
ago. He's low-tech. He likes flying aircraft into skyscrapers,'' the computer
expert said.

[1] Experts Say Attack Anniversary Cyberthreats Unfounded

Filed at 8:15 p.m. ET

SAN FRANCISCO (Reuters) - Fears of a cyberattack inspired by the Sept. 11
attacks faded on Tuesday, a day ahead of the anniversary, with the only threat
to emerge a year-old virus hoax called ``World Trade Center Survivor.''

Experts predicted that Wednesday is likely to be just another day on the
Internet, and if anything a quiet day for cybercriminals.



[2] F-Secure Virus Descriptions: Chet Worm

Radar Alert LEVEL 2
NAME: Chet
SIZE: 26628
ORIGIN: Russia
ALIAS: W32/Chet@MM, Anniv911, 11september, September11

This mass-mailer worm was found on September 10th, 2002. As it contains serious
bugs, this worm will fail to function on most systems and can not be considered
to be a realistic threat at this time.

Many things inside the worm's code suggest that it originates from Russia.

The worm tries to spread via an attachment file called 11september.exe. When
this file is executed, the worm will attempt to send the following e-mail to
each address found from the Windows address book:



[3] TSA chief: Don't ease airport security deadlines
By Matthew Weinstock

Lawmakers should not ease up on deadlines to bolster security at the nation's
airports, James Loy, acting administrator of the Transportation Security Adminis
tration, said Tuesday.

Testifying before the Senate Commerce, Science and Transportation Committee, Loy
acknowledged that about 10 percent of airports would not meet a Dec. 31 deadline
to screen all checked baggage for explosives. Still, Loy does not support a
"wholesale" delay in the deadline. Rather, Loy wants to work out extensions with
those 30 to 35 airports that are not expected to meet the current deadline,
establishing more realistic timeframes and developing interim strategies for
screening baggage.

Those interim strategies could include more hand searches and the use of
bomb-sniffing dogs. TSA officials are uncertain if legislation is needed to
grant the extensions, but Loy made it clear that he wants to work with Congress
to come up with a viable solution.



[4] Insecurity plagues US emergency alert system
By Kevin Poulsen, SecurityFocus Online
Posted: 09/10/2002 at 17:25 EST

A national alert system that gives the president the ability to take over the
U.S. airwaves during a national crisis may inadvertently extend hackers the same
courtesy, thanks to security holes that put radio stations, television
broadcasters and cable TV companies at risk of being commandeered by anyone with
a little technical know-how and some off-the-shelf electronic components.



[5] AltaVista and Google to fight Chinese censorship
By ComputerWire
Posted: 11/09/2002 at 06:46 GMT

AltaVista Co and Google Inc have both seen their web search engines become
inaccessible to internet users in China, evidently as part of a censorship
initiative in the run-up to the Chinese communist party congress in November,
Kevin Murphy writes.

But AltaVista is offering affected users alternate ways to access its services.
The company yesterday told users they could visit raging.com or one of
AltaVista's international sites, which offer the same search services but are
not blocked.




"Possible Threats to U.S. Interests"

NIPC Advisory 02-007

10 September 2002

Today, the U.S. Government raised the Threat Condition level from Elevated
(yellow) to High (orange).

As previously described in NIPC Information Bulletin 02-007 ("First Anniversary
of the September 11th Attacks And Other Dates of Interest"), there remains no
specific and credible information indicating that a particular event or location
in the United States will be targeted for terrorist activity.

However, the raised Threat Condition level is deemed appropriate due to credible
intelligence and recent statements by terrorists in custody indicating a high
threat of near term strikes against U.S. interests.

Al Qa'ida preparations for terrorism have continued in past months and at least
some of the plots appear ready for implementation.  Based on past experience,
the most attractive targets to Al Qa'ida leaders would be strikes against:

.       The transportation or energy sectors, which they have regarded as key to U.S.
economic health.

.       Facilities or gatherings that would be recognized worldwide as symbols of
American power or security.  (For example, U.S. military facilities and U.S.
Embassies, monuments and U.S. Icons).

In addition, it appears that lower-level Al Qa'ida operatives and sympathizers
see the September 11th period as a suitable time to conduct even small strikes
as a demonstration of their worldwide presence and resolve.  Therefore, widely
dispersed and unsophisticated strikes remain a possibility.

The specificity of some of this information has contributed to a decision to
close four Embassies in Southeast Asia, and to elevate security at all overseas
diplomatic and military facilities.  Additional closures may be forthcoming.

Critical infrastructure owners and operators are urged to implement appropriate
protective measures that correspond to the Orange Condition under the Homeland
Security Advisory System.

NIPC encourages individuals to report information concerning suspicious activity
to their local FBI office, http://www.fbi.gov/contact/fo/fo.htm the NIPC, or to
other appropriate authorities. Individuals may report incidents online at
http://www.nipc.gov/incident/cirr.htm, and can reach the NIPC Watch and Warning
Unit at (202) 323-3205, 1-888-585-9078, or [EMAIL PROTECTED]


[7] Energy Utilities Ramp Up Security
By  Evan Koblentz

In the wake of the Sept. 11 attacks last year, the IT security needs of the
Tennessee Valley Authority-which already were massive-became even more
important, said Anthony Smith, the authority's IT security senior manager.

Generating enough revenue to run itself without federal assistance, the TVA-the
nation's largest public power producer-generates up to 30,000 megawatts of power
each year, from 11 coal plants, 29 hydroelectric plants, three nuclear plants,
one pump storage plant and backup combustion turbines. TVA serves seven states,
8.3 millions people, and 150 local, municipal and cooperative energy sellers.



[8] Comment: Clued-up staff preserve evidence

Neil Barrett [30-08-2002]
Imagine a nightmare. You return home to find the door swinging open, your
property strewn around the room. The TV has been broken, pictures smashed; filth
has been smeared over the walls, alongside graffiti and scuff marks. Worst of
all, the expensive jewellery at the back of a bedside drawer has been taken
along with the cheaper stuff you didn't much care for.

But what exactly has happened?

Did an intruder choose your home at random, did they stumble over the valuable
jewellery while vandalising? Or was jewellery the main objective, and the
vandalism designed to disguise the intention?



[9] Script Kiddies 2002 - A continued threat to online business

A bit of a break from writing about web marketing and ecommerce this week - on
to the subject of Internet security and protecting your online business.

About 18 months ago, I released a series of articles in relation to the Script
Kiddie problem (see below). I thought I'd carry out some follow up research to
see what the situation was in 2002 and I'm sorry to say it's no better - it's
gotten a whole lot worse.



[10] Focus on Iran and Syria, Not Iraq, Graham Says

These interviews are the seventh and eighth of a series in which national and
world figures reflect on the terrorist attacks and their effect on a year of
public life and policy.

WASHINGTON, Sept. 9 - Senator Bob Graham, the chairman of the Intelligence
Committee, calls the Bush administration's focus on Iraq a distraction from the
campaign against terrorism and lists Syria and Iran as countries that should be
the first targets of any aggressive effort against state sponsors of terrorist

In an interview reflecting on Sept. 11 and its consequences, Mr. Graham, a
Florida Democrat, also said he feared that the United States was becoming
"bogged down" in an unproductive manhunt in Afghanistan and that the nation
needed an "aggressive war plan" to strike at terrorist organizations.



[11] Intel's new chip for security Renaissance
By Thomas C Greene in Washington
Posted: 10/09/2002 at 13:00 GMT

Hideous viruses and terrifying hackers will soon be neutralized so that the
computing public might finally doze blissfully in a cocoon of safety, Intel
announced yesterday at the Developers' Forum. The proposed solution is
LaGrande -- which is not, as it sounds, a genteelized pickup truck for suburban
use, but a hardware system which will control your computing experience for your
own good. It will prevent you from doing silly things by sandboxing numerous
risky processes and apparently establishing a secure sanctum sanctorum on one's
HDD along lines of the IBM rapid restore gimmick.



[12] Solace in a virtual world: Memorials on the Web
Amy Harmon The New York Times
Wednesday, September 11, 2002

There is no grave site for Tracy Orr to visit. The body of her husband, Alex
Steinman, was never found in the rubble of the World Trade Center, and her guess
is as good as any as to when a permanent memorial to the victims will be built.

Instead, Orr makes weekly trips to a virtual memorial - a Web site that, like
thousands of others, sprang into existence in the days after Sept. 11 and
continues to attract throngs of visitors each month. The steady stream of
tributes deposited there by friends and strangers is, she says, a source of
tangible comfort despite their electronic form - and because of it.



[13] Java flaws burn Internet Explorer

By James Middleton [10-09-2002]

Microsoft browser riddled with JVM vulnerabilities

Security experts have issued warnings about vulnerabilities in the Java Virtual
Machine (JVM) contained in the latest versions of Internet Explorer (IE).
The flaws allow an attacker to deliver and execute arbitrary code on a victim's
system when a hostile website or message is viewed in either IE or Outlook.

Finnish security firm Online Solutions claims that it has found 10 different
vulnerabilities in the JVM which it has reported to Microsoft.



[14] Cybersecurity firms not profiting as expected
Chicago Tribune

CHICAGO - Not long after last year's terror attacks, Tony Maier's phones at
RedSky Technologies Inc. were ringing with inquiries about the company's "E-911"
software, which pinpoints locations of employees dialing for help from inside
large buildings.

The Chicago company's sales continue to grow, but they've not met the
expectations raised by a surge of interest in security and safety technology
after the attacks.



[15] Baltimore Cops Get Connected
By  John McCormick
Online exclusive: The Baltimore City Police Department overhauled its
infrastructure to keep its officers in touch. The result: a significant drop in

Police sergeant David Rosenblatt cruises downtown Baltimore, as he deals with
property thefts, burglaries, and, on occasion, aggravated assaults.

Rosenblatt doesn't have a partner in his patrol car; yet he never feels like
he's riding alone.

The Baltimore City Police Department has connected Rosenblatt and the other
3,000 members of its force to a sophisticated network of computer and
communications equipment that keeps its cops in constant touch with each other,
and provides a wealth of intelligence about the calls they're assigned to
handle-information that improves both their safety and their ability to fight



[16] Microsoft buys security software company

Wednesday 11 September 2002

Microsoft has acquired a small security software manufacturer as part of its
continued drive to improve product security and reliability.

The software giant has agreed to purchase all the assets of XDegrees for an
undisclosed amount, according to a statement issued by the start-up software
maker, which is based in California, USA. Some employees will relocate to
Microsoft's headquarters, in Redmond, Washington.



[17] Exploring XML Encryption, Part 2

Implement an XML Encryption engine

Bilal Siddiqui ([EMAIL PROTECTED])
CEO, WAP Monster
August 2002

In this second installment, Bilal Siddiqui examines the usage model of XML
Encryption with the help of a use case scenario. He presents a simple demo
application, explaining how it uses the XML Encryption implementation. He then
continues with his last implementation of XML Encryption and makes use of
JCA/JCE classes to support cryptography. Finally, he briefly discusses the
applications of XML Encryption in SOAP-based Web services.
In Part 1 of this series, I gave an introduction to XML Encryption and its
underlying syntax and processing. I examined the different tags and their
respective use in XML encryption with a simple example of secure exchange of
structured data, proposed a Java API for XML Encryption based on DOM, and gave a
brief overview of cryptography in Java (JCA/JCE).

I start my discussion in this part with an information exchange scenario, which
demonstrates the use of XML encryption.




The source material may be copyrighted and all rights are
retained by the original author/publisher.

Copyright 2002, IWS - The Information Warfare Site

Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site


To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body

To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe
infocon" in the body


IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to