Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site http://www.iwar.org.uk The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. -----Original Message----- From: Wanja Eric Naef [IWS] [mailto:[EMAIL PROTECTED]] Sent: 16 October 2002 16:19 To: Wanja Eric Naef [IWS] Subject: News 10/16/02 _________________________________________________________________ London, Wednesday, October 16, 2002 _________________________________________________________________ INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] Senator calls for new intelligence agency [2] Sklyarov denied US visa to testify in DMCA case [3] Stupid Bugbear tricks [4] Military, witnesses aid hunt for sniper [5] Where's the money? [6] Freed hacker Mitnick debunks myths [7] (UK) 'Complacent' companies slammed for poor security policies [8] Information clampdown bugs scientists [9] Fear Factor [10] Spam poses threat to privacy [11] Net security chief leaves too many questions unanswered [12] Interpol: Cybercrime fight must be global [13] Windows Messenger is new spam vector [14] DOD appropriations progress [15] Agencies' homeland security spending may bolster high-tech sector [16] Intel touts security on a chip [17] New TSP computer system hits another delay _________________________________________________________________ News _________________________________________________________________ (Intelligence is the way to go as it is impossible to protect every place. One of my favourite quotes saying that it is impossible to have 100% security: --------------------------------- 'The number one threat to American national security during this long war is neither anthrax nor truck bombs . it is uncontrolled spending. We cannot afford to put guards on every bridge and at every critical node of our infrastructure. We cannot afford a sophisticated chemical and biodetector in every government building. America cannot afford a risk-free society in a world of global terrorism. The enemy's strategy is to destroy our economy. We must not facilitate their efforts. America will need to spend considerable sums of money to ensure our security . but we must do it wisely . there will be no money to waste on irrational fear and unconscionable pork. We must develop a strategic plan to guide our efforts. This must include federal, state and local governments, plus the private sector. Since 9-11, more than 130 bills regarding homeland security have been introduced in the House of Representatives. This is not the example of spending based on a strategic plan. "The outcome of this war will determine the type of nation our grandchild will know. I do not want that to be a nation that is bankrupt." Randall Larsen, Director, ANSER Institute for Homeland Security, at the National Defense University Symposium on Quadrennial Defense Review 2001 --------------------------------- Unfortunately, most of the current homeland security efforts do not focus on how to improve the intelligence gathering and more important sharing and analysing bit. In the media there were some story that there might have been a 5th plane, but the potential pilot was denied entry to the US, so it took never place (if the story is true, was it an Intel success?). The problem generally is that the public never hears the '99 times' when Intel agencies were successful in preventing terrorist attacks and they have to realise that there is no 100% success rate as the tragic events of September have shown. There are lots of good people around in the Intel business, but unfortunately people are not always listening to their advice (where to put security measures in place and where not to) . A good of example of this is Peter Caram's book 'The 1993 World Trade Center Bombing - Foresight and Warning'. Peter Caram, Detective Sgt, retired was in charge of anti-terrorist intelligence at the Port Authority of New York and New Jersey. Caram warned several times that the World Trade Center was very vulnerable to car bombs of public parking at the WTC, but his warnings were ignored. >From his book, '(1984 Report) ... the subgrade area (the WTC underground parking lot) was a shopping mall for any terrorist with an explosive laden vehicle. ...' WEN). [1] Senator calls for new intelligence agency >From National Journal's Technology Daily Sen. John Edwards, D-N.C., this week called for the creation of an agency that would assume domestic intelligence-gathering duties about terrorists from the FBI. In a speech before the Center for Strategic and International Studies, Edwards criticized the Bush administration's handling of intelligence gathering. He said that while he supports the creation of a Homeland Security Department, "the most urgent priority for our domestic defense today is not moving boxes on an organization chart. Our most urgent priority is stopping the enemy in our midst: identifying the terrorist cells within the U.S." Edwards said the FBI has failed in that role because it lacks the right skills, strengths or staff to be a successful intelligence agency. He said a new agency, similar to a British outfit known as MI5, should be established to gather intelligence on domestic terrorist threats. Former CIA Director R. James Woolsey proposed that idea last month. http://207.27.3.29/dailyfed/1002/101002td1.htm ---------------------------------------------------- (I will never forget the stock market graph of Adobe once Dmitry Sklyarov was arrested as it shows that online in combination with Offline political protests can be very successful. WEN) [2] Sklyarov denied US visa to testify in DMCA case By John Leyden Posted: 16/10/2002 at 10:51 GMT Dmitry Sklyarov, the Russian programmer at the centre of the first Digital Millennium Copyright Act (DMCA) prosecution, has been denied a US visa in a move that jeopardises his requirement to testify in the forthcoming trial of his former employers, ElcomSoft. ElcomSoft's chief executive, Alexander Katalov, has likewise been denied a visa, Planet PDF reports, in a move that surely means the already delayed October 21 start of the trial will be put back still further. http://www.theregister.co.uk/content/6/27643.html ---------------------------------------------------- '... In the case of Bugbear the cyberterrorists were asleep at the switch, too. Whoever wrote the thing wasted their time witlessly programming a lengthy table of anti-virus programs into it. ...' [3] Stupid Bugbear tricks By George Smith, SecurityFocus Online Posted: 15/10/2002 at 21:24 GMT "Please, please, please" came the blandishments of the P.R. men. "If you want to talk to someone about Bugbear, pleeze give me a call," twittered one. Dear Sir, would you notice my client's rubbish for a computer virus story angle? But even when ignored, the work of the flacks remains astonishingly efficient. I often received their humorless memos well before the presentation of even the fastest moving electronic disease. With Bugbear it was no different and the virus was no match for these powers of mobilization. It arrived late, well behind advertisements citing it, dragging along aft of one SirCam but in front of twelve pieces of mail from the tomfool Dr. Greg Odili of Nigeria. http://online.securityfocus.com/columnists/116 ---------------------------------------------------- (Horrible situation for the people living in these areas, nevertheless it is a very interesting case study on how much it actually takes to terrorise a nation and spread fear and how vulnerable we all are. If I am not mistaken there is even an entry about such attacks in the al-Qaeda handbook (not sniper though). In this case, though, it is very likely that a single madman caused all the mayhem. WEN) [4] Military, witnesses aid hunt for sniper Wednesday, October 16, 2002 Posted: 9:35 AM EDT (1335 GMT) Suspect vehicles: White Chevrolet Astro-type minivan with a ladder rack on its roof; Ford Econovan with a ladder rack on its roof; white box-type truck FALLS CHURCH, Virginia (CNN) -- Military aircraft will return to the skies around the nation's capital to help search for the marksman who has killed nine people, the latest victim a woman gunned down a few feet from her husband. Defense Secretary Donald Rumsfeld on Tuesday night approved an FBI request for use of the military aircraft. The planes, equipped with high-tech surveillance equipment, will be flown by military pilots accompanied by federal agents. (Full story) The slaying Monday night of FBI employee Linda Franklin apparently was the closest the killer has come to being seen. Witnesses in the vicinity of Franklin's slaying and in another of the area killings saw an olive-skinned man in a white van, law enforcement sources said Tuesday. http://www.cnn.com/2002/US/South/10/16/sniper.shootings/index.html http://www.cnn.com/2002/US/South/10/16/sniper.military.ap/index.html ---------------------------------------------------- [5] Where's the money? Editorial Oct. 14, 2002 It's a story federal information technology managers are all too familiar with: Congress mandates that they must secure their networks from cyberattacks, but fails to appropriate the money needed to properly safeguard systems. The latest story of shortfalls in IT security spending - and this one is especially troubling - comes from the National Nuclear Security Administration (NNSA). This Energy Department agency was formed in 2000 to manage programs in nuclear weapons, nuclear nonproliferation and naval reactors. Its mission represents "the most significant information and physical security challenge in the nation, if not the world," according to a former information assurance expert at the National Security Agency. http://www.fcw.com/fcw/articles/2002/1014/fcw-edit-10-14-02.asp ---------------------------------------------------- (Kevin Mitnick had very bad luck as the government made an example out of him and he was certainly not a major threat to national security. He has written a book called The Art of Deception: Controlling the Human Element of Security which I really want to read as I am curious what he has to say. WEN) http://www.amazon.com/exec/obidos/ASIN/0471237124/ref=ase_defensivethin- 20/102-0560971-0051358 http://www.defensivethinking.com/ [6] Freed hacker Mitnick debunks myths By Iain Thomson [16-10-2002] World famous hacker shares secrets in new book The world's most notorious hacker Kevin Mitnick claims that false accusations of breaking into top secret US installations were used to demonise him by law enforcement agencies in their fight to bring him to justice. In an interview with vnunet.com, he described himself as a hacker not a cracker, a prankster and explorer who was motivated by a desire to see how things worked rather than malicious intent or a thirst for profit. http://www.vnunet.com/News/1136009 ---------------------------------------------------- [7] 'Complacent' companies slammed for poor security policies By Will Sturgeon, silicon.com 14 October 2002 A survey of IT security managers and administrators, found that 54 per cent believe their organisation is not doing enough to combat the threats, despite 34 per cent of the respondents saying their companies had experienced cybercrime. More than half of the UK firms surveyed admit they are not doing enough to combat cybercrime--even though one third have been hacked, according to a survey from Learning Tree International. http://www.zdnet.com.au/itmanager/strategy/story/0,2000029582,20269042,0 0.htm ---------------------------------------------------- [8] Information clampdown bugs scientists After Sept. 11, federal government removes public access to data, orders CD-ROMs destroyed ASSOCIATED PRESS INDIANAPOLIS, Oct. 14 - Some scientists are running into a major post-Sept. 11 stumbling block: Federal restrictions have eliminated access to information vital to their studies. http://www.msnbc.com/news/821291.asp ---------------------------------------------------- [9] Fear Factor STANLEY "STASH" JAROCKI doesn't act like the agreement he recently signed with the FBI's National Infrastructure Protection Center (NIPC) is a big deal. "It's a prenuptial-nothing exotic," says Jarocki, chairman of the Financial Services Information Sharing and Analysis Center (ISAC) and vice president of information security engineering at Morgan Stanley. But, in fact, it's a huge deal. With the memorandum of understanding Jarocki signed last June, the ISAC-which was formed in 1999 to give financial companies a place to exchange information about security threats out of the earshot of regulators and law enforcement-has agreed to talk at least once a week to the NIPC, a law enforcement coordination agency. http://www.cio.com/archive/101502/fear.html ---------------------------------------------------- [10] Spam poses threat to privacy Workplace privacy will be casualty in war on spam If you thought the problem of junk e-mail was bad enough now then it is about to get a whole lot worse. "You ain't seen nothing yet," said Satish Ramachandran, chief executive of Mirapoint, a company which provides software to deal with the menace of unwanted commercial e-mails. One of the first casualties of the fight against spam in the workplace would be privacy, said Mr Ramachandran. http://news.bbc.co.uk/1/hi/technology/2330823.stm ---------------------------------------------------- [11] Net security chief leaves too many questions unanswered By Hiawatha Bray, Globe Staff, 10/14/2002 When President Bush's Internet security chief Richard Clarke visits MIT on Wednesday, he'll probably receive a polite and courteous response. And that's a shame. Nothing against Clarke, mind you. He's saddled with the massive responsibility of protecting the nation's sensitive computer systems from attack by terrorists and criminals. It's a tough job and he deserves a sympathetic hearing. But we should also lob some hard questions his way, questions that go unanswered in the document that Clarke is coming to discuss. It's called ''The National Strategy to Secure Cyberspace.'' As an overview of the challenges involved, it's pretty good stuff. Download a copy at www.whitehouse.gov/pcipb, and see for yourself. As a road map for action, though, it's like a sip of weak tea. Imagine a World War II strategy document in which Eisenhower suggests that it might be nice to invade Normandy, and you'll get the general tone. http://www.boston.com/dailyglobe2/287/business/Net_security_chief_leaves _too_many_questions_unanswered+.shtml More from the Infocon archive: [netsec-letter] #21, Securing Cyberspace -- Comments on the National Strategy http://www.mail-archive.com/infocon@infowarrior.org/msg00255.html [INFOCON] - News 09/19/02 http://www.mail-archive.com/infocon@infowarrior.org/msg00226.html [INFOCON] - OCIPEP: Release of U.S. National Strategy to Secure Cyberspace http://www.mail-archive.com/infocon@infowarrior.org/msg00225.html [INFOCON] - America's National Cybersecurity Strategy: Same Stuff, Different Administration http://www.mail-archive.com/infocon@infowarrior.org/msg00223.html ---------------------------------------------------- [12] Interpol: Cybercrime fight must be global 13:21 Wednesday 16th October 2002 Reuters International experts in fighting cybercrime are calling for computer-offence legislation to be more widely established, and greater cooperation in combating crime Top international cybercrime-busters wrapped up a three-day conference in the world's most wired country on Wednesday with a call for greater global cooperation to fight online offences. Senior cybercrime police officers from 37 countries agreed at a meeting in South Korea that worldwide investigations were needed to chase online criminals who operate with little regard for state frontiers. http://news.zdnet.co.uk/story/0,,t269-s2123975,00.html ---------------------------------------------------- [13] Windows Messenger is new spam vector By Thomas C Greene in Washington Posted: 16/10/2002 at 08:44 GMT The forces of evil have produced a devilish tool whereby spam can be sent to thousands of Windows users in minutes, in the guise of system alerts. This was brought to our attention by reader Mike MacNeill, who sent us a screenie of a Windows system alert offering him the university diploma of his dreams with "no required tests, classes, books or interviews," in the classic manner. Below is a smaller example: The scam is the brainchild of an outfit called DirectAdvertiser, and leverages the Windows RPC (Remote Procedure Call) function. I downloaded the demo version and played around for a while. My results may not be entirely accurate because I didn't use the full, $700 version, and because I used it on my own network behind a firewall. However, running Ethereal on the box and trying it out revealed packets destined for ports 135 (DCE/RPC), 137 (NetBIOS name service) and 138 (NetBIOS UDP) on the target. http://www.theregister.co.uk/content/55/27634.html ---------------------------------------------------- [14] DOD appropriations progress BY Dan Caterinicchia and Christopher J. Dorobek Oct. 11, 2002 Congressional negotiators this week settled on recommending $355.1 billion in new discretionary spending for the Defense Department for fiscal 2003, with a focus on improvements for the military's command, control, communications, computers, intelligence, surveillance and reconnaissance (C4ISR) functions. http://www.fcw.com/fcw/articles/2002/1007/web-dod-10-11-02.asp ---------------------------------------------------- [15] Agencies' homeland security spending may bolster high-tech sector By Molly M. Peterson, National Journal's Technology Daily Innovative homeland security products could enable some investors to buck the downward trend in the general high-tech sector, several venture capitalists said Tuesday. "I contend that security investments are holding their own and are escalating," Michelle Kraus, founder of Accelerator Group, said during a conference sponsored by the Council of Security and Strategic Technology Organizations. Kraus, who moderated a panel discussion on security-investment trends and opportunities, said "investments are being made every day" in firewalls, authentication technology, routers and other technology products that could help protect critical infrastructures and information networks. http://207.27.3.29/dailyfed/1002/101502td2.htm ---------------------------------------------------- [16] Intel touts security on a chip By John Leyden Posted: 15/10/2002 at 17:51 GMT Intel today announced what it bills as the industry's first network processor for secure content processing. The Intel IXP2850 network processor features high-performance packet processing with security features in a single chip and is designed for applications such as Virtual Private Networks, Web services and Storage Area Networks. Hardware mechanisms within the chip enable popular encryption standards such as 3DES and the recently introduced Advanced Encryption Standard to be implemented at speeds up to 10Gbps, according to Intel. The company is positioning the part as an alternative to customised ASICs commonly found in current high-speed firewall/VPN appliances from the likes of NetScreen. http://www.theregister.co.uk/content/55/27623.html ---------------------------------------------------- [17] New TSP computer system hits another delay By Brian Friel A new computer system that would give federal employees more control over their 401k-style Thrift Savings Plan accounts won't debut in November as scheduled, the TSP board announced Friday. The delay is the sixth time in two and a half years that the system's launch has fallen behind. This time, the delay was blamed on testing that found the new system couldn't handle large numbers of TSP transactions at once. TSP officials issued a statement saying a new launch date has not been set. "Evaluation of approaches to achieve the requisite increase in the system's processing speed is now under way, but sufficient progress has not yet been made in this effort to permit the establishment of a new schedule for system implementation," the TSP statement said. "In the interim, the board will continue to use its current well-proven monthly valued system." http://207.27.3.29/dailyfed/1002/101502b1.htm ---------------------------------------------------- _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site <http://www.iwar.org.uk> --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk