http://www.ocipep.gc.ca/DOB/DOB02-167_e.html
OCIPEP DAILY BRIEF Number: DOB02-167 Date: 17 October 2002 NEWS Canada's environment threatened by U.S. greenhouse emissions A report entitled "America's Gas Tank, the high cost of Canada's oil and gas export strategy," jointly issued by the Natural Resources Defence Council and the Sierra Club of Canada, states that Canada's oil and gas drilling boom of the past decade, which resulted in the exportation of commodities to the U.S., has been destroying Canada's wilderness with greenhouse emissions. (Source: sierraclub.ca; nrdc.org, 16 October 2002) Click here for the source article - 1 Click here for the source article - 2 OCIPEP Comment: The report can be viewed at the following address: http://www.nrdc.org/land/use/gastank/gastank.pdf Infrastructure partnerships proposed A former director of the Critical Infrastructure Protection program at the U.S. Department of Energy proposed that the U.S. Office of Homeland Security sponsor regional "Partnerships for Homeland Security," similar to Pacific Northwest Economic Region (PNWER), which includes five U.S. states and three Canadian provinces. (Source: computerworld.com, 16 October 2002) Click here for the source article OCIPEP comment: As reported in OCIPEP Daily Brief DOB02-120, released 9 August, members of PNWER took part in the Blue Cascades exercise, which sought to assess the region's ability to respond to a terrorist attack on critical infrastructures. The scenario resulted in a prolonged power failure that could have lasted over weeks or months. Participants found that Blue Cascades met its objectives in highlighting regional infrastructure interdependencies and the preparedness gap, which must be addressed in order to create a disaster resistant region. CDC recommends smallpox vaccination for hospital staff As reported in OCIPEP Daily Brief DOB02-166, released October 16, the Advisory Committee on Immunization Practices (ACIP) of the Centers for Disease Control and Prevention (CDC) is meeting to pursue a policy on the potential U.S. responses to a smallpox attack. The ACIP voted 8-1 to endorse a plan for a mass vaccination of about half a million health care workers for smallpox. The decision is a revision of an earlier ACIP recommendation, which suggested the vaccination of just 10,000-20,000 emergency health care workers at regional hospitals designated as smallpox treatment centres. Under the new plan, vaccinations would be offered to health care workers at U.S. hospitals capable of handling smallpox cases. The newly-endorsed recommendation comes closer to, although not mirroring, the White House proposal, under which health care workers, first responders and the general public would be offered vaccinations, in that order. The White House, which will make the final decision on the vaccination policy, has been weighing the potential benefits of mass pre-attack vaccination against the health and liability risks posed by administering the smallpox vaccine to millions of people. (Source: cnn.com, 16 October 2002; msnbc.com, 17 October 2002) Click here for the source article - 1 Click here for the source article - 2 OCIPEP comment: According to Health Canada, the ring vaccination approach remains Canada's intended response to a smallpox outbreak; the mass vaccination approach is not recommended due to its many risks. The vaccine for smallpox is not yet approved by the U.S. Food and Drug Administration (FDA), and can have minor to severe effects on its recipients. People who have: lowered immune systems (very young and very old), human immunodeficiency virus (HIV), cancer, transplanted organs, and/or eczema are especially susceptible to adverse reactions from the vaccine. Side effects can include extensive skin reactions, systematic vaccinia infections and encephalitis. It is estimated that approximately one in one million people die from smallpox vaccine-induced complications. Additional information on small pox and small pox vaccination can be found at http://www.hc-sc.gc.ca/english/epr/smallpox.html International handbook for critical information infrastructure protection released Earlier this year, the Comprehensive Risk Analysis and Management Network released its annual International Critical Information Infrastructure Protection (CIIP) Handbook. It focuses on aspects of CIIP related to security policy and methodology. The security policy perspective evaluates policy efforts for the protection of critical information infrastructure in eight countries, including Canada. The methodological perspective discusses selected methods and models to analyze and evaluate various aspects of critical information infrastructure. The International Critical Information Infrastructure Protection Handbook can be viewed online or ordered from http://www.isn.ethz.ch/crn/extended/index.cfm?service=handbook (Source : Comprehensive Risk Analysis and Management Network) OCIPEP comment: Though the information in the Canadian chapter is somewhat dated, the volume as a whole represents one of the only compilations of comparative CIIP policies and structures as yet produced. IN BRIEF Port Simpson power outage- Update On October 11, three landlines were established by BC Hydro and power was fully restored to the community of Port Simpson, B.C. However, between October 14 and 15, all three landlines failed due to insulator failures and subsequent pole fires. Emergency generators are once again supplying power to critical facilities. OCIPEP comment: This incident was first reported in OCIPEP Daily Brief DOB02-161, released October 8. For more information on this incident, click on the Incident Mapping button at the top of the OCIPEP Daily Brief. NIPC loses one of its own to 'Beltway' sniper Linda Franklin, a 47-year-old intelligence operations specialist at the FBI's National Infrastructure Protection Center (NIPC), was killed Monday night in the parking structure of a Home Depot in the Falls Church area of Fairfax County, Virginia. Her death is the latest in a series of random shootings. (Source: computerworld.com, 16 October 2002; fbi.gov, 15 October 2002) Click here for the source article - 1 Click here for the source article - 2 U.S. seeks to fund weapons of mass destruction defence program Congress this week plans to approve the largest defence spending increase in a generation, earmarking billions of dollars toward combating weapons of mass destruction, including new research funding to establish a "Chem-Bio Defense Initiatives Fund." (Source govexec.com, 16 October 2002) Click here for the source article CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats Central Command reports on Worm/Sambud.P2P.B, which is a worm that makes itself available for downloading via the KaZaA network. If executed, the worm copies itself in the \windows\Sys32\ directory under the filename "Kingdom-Hearts.exe". http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_ad p.php?p_refno=021015-000014 Central Command reports on Worm/Walrus, which is a worm that propagates via the IRC network. If executed, the worm copies itself in the C:\ directory under the filename "FreePorn.com". The files "C:\Mirc\Script.ini" and "C:\Program Files\Mirc\Script.ini" are created. It will also attempt to appear legitimate by popping open an explicit image. http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_ad p.php?p_refno=021015-000013 Central Command reports on Worm/Indor, which is a worm that propagates via e-mail. It arrives with the subject line "XXX Site password generator" or "Password for your site!" and the attachment "installer.exe". If executed, the worm copies itself in the \windows\ directory under the filenames "Temp.exe", and "Sexy.scr". http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_ad p.php?p_refno=021015-000012 Central Command reports on BDS/OptixPro.12, which is a Trojan horse that would potentially allow someone with malicious intent backdoor access to a computer. If executed, the backdoor adds the file "Regserv.exe" to the \windows\%system% directory. http://support.centralcommand.com/cgi-bin/command.cfg/php/enduser/std_ad p.php?p_refno=021015-000019 Symantec reports on Trojan.PWS.QQPass.gKb6, which is a password-stealing Trojan horse written in Visual Basic that requires the presence of MS Visual Basic runtime libraries for it to run. http://securityresponse.symantec.com/avcenter/venc/data/trojan.pws.qqpas s.gkb6.html Vulnerabilities Patches: New heartbeat packages are now available for Debian GNU Linux. (SecurityFocus) http://online.securityfocus.com/advisories/4552 Additional vulnerabilities were reported in the following products: Linux-HA (multiple versions) Heartbeat buffer overflow vulnerability. (SecurityFocus) http://online.securityfocus.com/bid/5955/discussion/ GENTOO LINUX app-crypt/heimdal-0.4e and earlier remote command execution vulnerability. (SecurityFocus) http://online.securityfocus.com/advisories/4553 GENTOO LINUX net-analyzer/net-snmp-5.0.2a and earlier denial-of-service vulnerability. (SecurityFocus) http://online.securityfocus.com/advisories/4554 Tru64 UNIX V5.1A zlib vulnerability. (SecurityFocus) http://online.securityfocus.com/advisories/4559 SGI X Windows zlib/MIT-SHM/huge font denial-of-service vulnerabilities. (SecurityFocus) http://online.securityfocus.com/advisories/4561 RadioBird Software's WebServer 4 Everyone 1.23 and 1.27 denial-of-service and directory traversal vulnerabilities. (SecuriTeam) http://www.securiteam.com/windowsntfocus/6K00B1P5PA.html Tools OpenSSH 3.4p1 is a Linux/portable port of OpenBSD's OpenSSH. http://www.openssh.com/ CONTACT US To add or remove a name from the distribution list, or to modify existing contact information, e-mail: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP's Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP's Communications Division at: Phone: (613) 944-4875 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk