[Today's issue is delayed as I was attending an IO/IA workshop
in London. There will be no Infocon News till maybe Thursday/Friday
as London is under a massive 'infrastructure attack' per 20.00
tonight (not by any Al Qaeda terrorists or any cyberterrorists,
but by striking tube (underground) workers. WEN]

Travellers braced for Tube strike


                      London, Tuesday, September 24, 2002

                                INFOCON News

                            IWS - The Information Warfare Site


                               IWS Sponsor

IQPC Defence Conference: Information Operations 2002 25-26/09/02

Information Operations 2002: Analysing development in defensive and
offensive information operations, critical infrastructure protection,
information assurance and perception management.

September 25 - 26, 2002. London, UK (Pre-Conference Masterclass:
24th September 2002)

Information Operations 2002 Conference Web Site


                              [News Index]

[1] FBI cyber chief heralds interagency cooperation
[2] Military Space Operations:  Planning, Funding, and Acquisition ...
[3] At least 100 countries building cyber weapons - expert
[4] Third slapper worm hits the street
[5] ICANN closes in on .org successor

[6] FBI agent: Break down the intelligence 'wall'
[7] Philip Morris sues Internet sites
[8] Internet phone calling: A firm fails to connect
[9] Privacy Advocate Voices Mobile Spam Concerns
[10] Canadians more wired about shopping on Net

[11] Justice Department formalizes information sharing guidelines
[12] Computers vulnerable at Oregon department
[13] When is hacking a crime?
[14] Linux hacker tracked to Surbiton...
[15] Microsoft tweaks Xbox to thwart hackers

[16] Sun Crypto curves into open source project
[17] From bipartisan beginnings, homeland bill now a divider



[I hope this time the cooperation will work better than last time.
Ron Dick seems to be keen on two way information sharing:

>From a July Statement for the Record of Ronald L. Dick, Before the
House Committee on Governmental Reform,
Government Efficiency, Financial Management and
Intergovernmental Relations Subcommittee


'... At the NIPC we continue to seek partnerships which promote two-way
information sharing. As Director Mueller stated in a speech on July 16th,
"Prevention of terrorist attacks is by far and away our most urgent priority."
We can only prevent attacks on our critical infrastructures by building an
intelligence base, analyzing that information, and providing timely, actionable
threat-related products to our public and private sector partners. We welcome
the efforts of your Committee in improving information sharing, and I look
forward to addressing any questions you might have.'

The future will show whether this will be possible or not. All I can say:
speak louder than words. Good luck. WEN]

[1] FBI cyber chief heralds interagency cooperation
By Bara Vaida, National Journal's Technology Daily

Ron Dick, the director of the FBI's National Infrastructure Protection Center,
said the FBI's new effort to partner with the Secret Service on investigating
cyber crimes is aimed at marshalling resources.

At the launch of the national cybersecurity protection plan last week, the FBI
and Secret Service announced a new pilot program where several field offices of
both agencies agreed to work together on investigating cyber crimes to determine
who is behind a particular attack.

"If you look at what we've done with the Infragard program and what they've done
with the Electronic Crimes Task Force...we can leverage the capabilities of both
staffs," said Dick in an interview with National Journal's Technology Daily.

Full story: http://www.govexec.com/dailyfed/0902/092302td1.htm


[Interesting report. WEN]

The United States is increasingly dependent on space for its security
and well being. The Department of Defense's (DOD) space systems
collect information on capabilities and intentions of potential adversaries.
They enable military forces to be warned of a missile attack and to
communicate and navigate while avoiding hostile action. And they provide
information that allows forces to precisely attack targets in ways to
minimize collateral damage and loss of life. DOD's satellites also enable
global communications, television broadcasts, weather forecasting;
navigation of ships, planes, trucks, and cars; and synchronization of
computers, communications, and electric power grids.
This growing dependence, however, is also making commercial and
military space systems attractive targets for adversarial attacks. According
to DOD, our adversaries are exploring such capabilities as directed energy
weapons, space object tracking systems, physical attacks on satellite
ground stations, and signals jamming. Moreover, our adversaries are
gaining access to space-based information as well as acquiring new spacebased
capabilities. In view of this growing threat, DOD is taking on efforts
to strengthen its ability to protect and defend space-based assets, also
known as "space control."1 Given the importance and potential costs of its
acquisitions related to space, we identified DOD's efforts to strengthen its
ability to protect and defend its space assets and the challenges facing
DOD in making those space control efforts successful.

[2] Military Space Operations:  Planning, Funding, and Acquisition
Challenges Facing Efforts to Strengthen Space Control.  GAO-02-738,
September 23.



[Hmmm. Matt did you get misquoted? WEN]

[3] At least 100 countries building cyber weapons - expert
By John Lettice
Posted: 24/09/2002 at 10:09 GMT

Cyberterrorism hyping has reached new heights - according to a report in the
Melbourne Herald Sun, at least. The Herald quotes expert Matthew Devost,
speaking at a meeting at the US consulate there recently, as claiming the CIA
believes at least 100 countries are investigating waging war by computer, or

Mr Devost is proprietor of terrorism.com, incidentally, which is something of a
misnomer, as he's in the counter-terrorism game. Should any bona fide terrorist
take him to the ICANN disputes panel we fear he'd be on difficult ground. But
100 countries? Could the CIA possibly believe this? Who are these countries?



[4] Third slapper worm hits the street
By Iain Thomson [24-09-2002]
Hackers eye virus as base for development

Barely 24 hours after the Slapper B worm started to show up on antivirus
monitoring stations, a new variant has cropped up.
According to security specialist ISS, Slapper C has infected 1,500 servers
already and is spreading, although a source point has not been identified at
this time.

The company warned that the source code for Slapper has spread quickly among the
underground community, and will be the development platform of choice for future



[5] ICANN closes in on .org successor
09:03 Tuesday 24th September 2002

The Internet address regulator gives a nod to a group of thousands of computer
engineers in their bid to run the non-profit domain
The backing of a key domain regulator on Monday brought a group of computer
professionals closer to control of the .org Internet domain, home to millions of
nonprofits and community groups.

The Internet Society, a group of 11,000 engineers and other networking experts,
won another round in the months-long process to gain management the Internet's
fifth-largest domain when the Internet Corporation for Assigned Names and
Numbers (ICANN) reaffirmed its opinion that the Virginia nonprofit was the
best-qualified of 11 applicants.



[6] FBI agent: Break down the intelligence 'wall'
By Brian Friel

An exchange between an FBI agent and the agency's headquarters, made public last
week, shows that even before Sept. 11, the barrier between intelligence and law
enforcement investigations-a barrier designed to protect civil liberties-got in
the way of efforts to protect Americans from terrorists.

The conflict between civil liberties and investigator powers has sparked debates
about lifting limits on federal law enforcement agents and intelligence officers
and about eliminating gaps between agencies and functions that terrorists
exploit to avoid capture.

The conflict also raises questions about how to best reorganize Cold War-focused
federal functions to combat terrorism.



[7] Philip Morris sues Internet sites

Cigarette maker aims to stop sellers from using trademarks

NEW YORK, Sept. 23 - Philip Morris Cos. Inc. , the world's largest cigarette
maker, Monday said it filed eight lawsuits aimed at stopping sellers of
cigarettes over the Internet from using Philip Morris trademarks.



[8] Internet phone calling: A firm fails to connect
Don Kirk International Herald Tribune
Monday, September 23, 2002

SEOUL Kim Dae Sun, vice president of Serome Technology Inc., avoided the usual
euphemisms for the disasters that have befallen his once pioneering and
high-flying company.

"The boom of the Internet era has been collapsing," Kim said, "and the market is
not as good as we expected."

His words contrast sharply with the promise associated since the mid-1990s with
Serome's business, using the Internet for making cheap phone calls.



[9] Privacy Advocate Voices Mobile Spam Concerns

By boston.internet.com

September 19, 2002

As advertisers gear up for a mobile marketing push in the United States, a
privacy advocate is concerned the menu of messages will consist largely of spam.

The technology, which delivers product pitches, special offers, sweepstakes and
coupons to cell phones, is already popular in Europe, where advertisers will
spend $53 million on mobile campaigns this year, according to recent findings by
Jupiterresearch. (Jupitermedia, the parent of Jupiterresearch, also is the
publisher of this Web site.)



[10] Canadians more wired about shopping on Net

Clickers shelled out almost $2-billion in '01


Friday, September 20, 2002 - Page B1

Canadians spent almost $2-billion shopping on the Internet last year,
"substantially" more than the previous year, Statistics Canada reported
yesterday -- and analysts expect a further leap in 2002.

On-line shoppers in an estimated 2.2 million households shelled out nearly
$2-billion in 2001, compared with about $1.1-billion in an estimated 1.5 million
households a year earlier, Statscan reported.

The federal agency nevertheless cautioned against a direct comparison between
data from the two years because of different tracking methods: The latest
figures captured cybershopping from households that regularly used the Internet
from various locations, while the previous data looked only at on-line shopping
conducted from the home.



[11] Justice Department formalizes information sharing guidelines
By Drew Clark, National Journal's Technology Daily

Attorney General John Ashcroft on Monday released guidelines designed to
formalize the way in which federal prosecutors share information, including data
obtained from electronic surveillance, with the CIA and other intelligence

The guidelines flow from last October's sweeping anti-terrorism bill, which
empowered prosecutors to share information obtained through grand jury testimony
or through electronic, wire or oral interception of information.

Prior to passage of the landmark anti-terrorism legislation, known as the
Patriot Act, prosecutors were specifically barred from sharing such information
to intelligence, protective, immigration, defense or national security



[12] Computers vulnerable at Oregon department



SALEM -- The state Department of Human Services has systematically neglected
computer security for years, leaving Oregon's largest agency vulnerable to
hackers and thieving employees who can pay themselves public benefits, according
to an internal agency report.

A consultant hired to evaluate the agency's computer safeguards found lapses at
every level. State auditors identified similar problems a year ago, and agency
leaders then promised to fix them.

They still haven't.



[13] When is hacking a crime?

By Robert Lemos
Special to ZDNet
September 23, 2002, 4:32 AM PT

Kevin Finisterre admits that he likes to hew close to the ethical line
separating the "white hat" hackers from the bad guys, but little did he know
that his company's actions would draw threats of a lawsuit from Hewlett-Packard.

This summer, the consultant with security firm Secure Network Operations had let
HP know of nearly 20 holes in its Tru64 operating system. But in late July, when
HP was finishing work to patch the flaws, another employee of Finisterre's
company publicly disclosed one of the vulnerabilities and showed how to exploit
it--prompting the technology giant to threaten litigation under the Digital
Millennium Copyright Act.

Finisterre, who was not hired by HP, now says he'll think twice before
voluntarily informing another company of any security holes he finds.



[14] Linux hacker tracked to Surbiton...

 Would Swordfish have been sexier if Travolta and Jackman lived in Surbiton...
or perhaps Thames Ditton...?
London commuter town Surbiton, once famed as the home of seventies sit-com the
Good Life, and held up as the very model of suburban life, has found itself at
the centre of a trans-Atlantic police investigation into cyber-crime.

Scotland Yard and the FBI last week traced a 21-year-old British man to the
sleepy tree-lined streets of Surbiton and arrested him for allegedly writing and
distributing the T0rn rootkit tool which enables users to hack Linux servers.



[15] Microsoft tweaks Xbox to thwart hackers

And to cut costs

Microsoft has changed the internal configuration of its Xbox game console, a
move intended to thwart hackers and lower manufacturing costs.

Word of the changes began spreading on sites devoted Xbox hacking, with some
buyers of recently manufactured Xbox units complaining that mod chips designed
for the original console won't work now.

Microsoft Xbox spokeswoman Molly O'Donnell confirmed that the company had made
minor changes to the console's configuration as part of ongoing efforts to
"increase security and reduce overall costs".



[16] Sun Crypto curves into open source project
By John Leyden
Posted: 23/09/2002 at 14:35 GMT

Sun Microsystems has donated its Elliptic Curve Cryptography technology to the
OpenSSL project.

The donation is designed to boost efforts among developers to move to the latest
encryption technology and enhance Sun's reputation as a provider of secure



[17] From bipartisan beginnings, homeland bill now a divider
By Molly M. Peterson, CongressDaily

Most members of Congress have voiced support for President Bush's proposal to
consolidate 22 existing federal entities into a 170,000-employee Homeland
Security Department. But legislation to implement Bush's plan for what would be
the largest reorganization of the federal government in 50 years has triggered
partisan clashes over administrative flexibility, product liability,
security-screening deadlines and other key issues affecting the technology

"I had hoped that we could set up a department that would be lean and agile and
of the future, that would maximize the use of technology, that would capitalize
on the spirit of innovation and new technologies,"House Minority Whip Nancy
Pelosi, D-Calif., said during floor debate on the House version of the bill.
"But, sadly, it does not."

Pelosi, who served as ranking Democrat on the House Homeland Security Select
Committee, has said the GOP-favored plan would create a "bloated, 1950s,
bureaucratic department" while stripping its employees of civil-service
protections, weakening information-disclosure laws, and providing the
manufacturers of defective counterterrorism technology with "unprecedented"
liability protection.




The source material may be copyrighted and all rights are
retained by the original author/publisher.

Copyright 2002, IWS - The Information Warfare Site

Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site


To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body

To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe
infocon" in the body


IWS INFOCON Mailing List
@ IWS - The Information Warfare Site

Reply via email to