_________________________________________________________________
London, Tuesday, October 29, 2002
_________________________________________________________________
INFOCON News
_________________________________________________________________
IWS - The Information Warfare Site
http://www.iwar.org.uk
_________________________________________________________________
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe
infocon" in the body
---------------------------------------------------------------------
_________________________________________________________________
----------------------------------------------------
[News Index]
----------------------------------------------------
[1] Of mad snipers and cyber- terrorists
[2] Government, industry debate international IT security center
[3] 'We are the worst security risk' - sys admins confess
[4] RPT-Pro-Islamic hackers gear up for cyber war-experts
[5] Reuters accused of hack attack
[6] Pentagon computers tougher for hackers
[7] Talking security
[8] Universities asked to avert student file sharing
[9] E-Commerce Patent Disputes Erupt
[10] Kournikova virus writer loses appeal and faces 150 hours' community
service
[11] Report: Market forces not enough to improve security
[12] Mexico summit urges anti-piracy action
[13] Perspective: Privacy advocates lose an ally
[14] Australian team patents new firewall technology
[15] Hackers claim to have cracked new "secure" Xbox
[16] Army vendor team advances FCS
[17] Attack of the Mod Squads
_________________________________________________________________
News
_________________________________________________________________
[1] Of mad snipers and cyber- terrorists
By Thomas C Greene in Washington
Posted: 29/10/2002 at 01:34 GMT
Last Monday the Internet was attacked in what one Washington official
described as "the most sophisticated and largest assault" in its
history. Eight of thirteen root DNS servers got whacked simultaneously
with a distributed denial of service attack. Had the assault not been
shut down in an hour, the constant interchange of e-mail spam and
viruses might have been slowed; the ability of millions to BS idly with
strangers in IRC might have been impeded; e-commerce orders of bulk dog
food might have gone unfulfilled; and millions of teenagers might have
been denied their daily downloads of porn and warez and MP3s.
None of this happened, of course. Somehow, the Internet survived. It
survived against the dire warnings of White House alarm divas Richard
Clarke and Howard Schmidt. It survived against the patently faked
predictions of Gartner Experts who recently conducted devastating cyber
'war games' but sleazily neglected to involve a blue team and sleazily
neglected to emphasize this curious fact. Had there been people working
against the Gartner pseudo attack squads, as there would be in the real
world, their pseudo results would have been vastly different.
http://www.theregister.co.uk/content/55/27819.html
See also
Mock cyberwar fails to end mock civilization
http://theregister.co.uk/content/archive/26675.html
----------------------------------------------------
[2] Government, industry debate international IT security center
By William New, National Journal's Technology Daily
BRUSSELS, BELGIUM - U.S. and European officials and businesses on Monday
debated the merits of a proposal to establish a global center for
information technology security based on the center that united them in
their fight against the much-anticipated Y2K computer bug.
Harris Miller, president of the Information Technology Association of
America, raised the issue here at the U.S.-EU IT Security Forum. "There
is still no mechanism globally that allows governments on an
instantaneous basis, and industry on an instantaneous basis across
industries, to communicate regularly or in the case of a crisis about
cyber security," he said in an interview.
Miller said that like the Y2K center, the proposed International
Information Security Coordination Center could be a small and
inexpensive operation. "The players are in place, but the coordination
center is necessary to get all the players on the same page, to get the
communications network established," he said.
http://www.govexec.com/dailyfed/1002/102802tdpm2.htm
----------------------------------------------------
[3] 'We are the worst security risk' - sys admins confess
By John Leyden
Posted: 28/10/2002 at 12:04 GMT
More than half of all senior IT managers (58 per cent) think that their
own IT departments offer the largest threat to IT security.
IT security holes in corporate systems often open up during systems
upgrades or when integrating new applications into core infrastructure,
senior managers reported during a recent (and not particularly
comprehensive) survey by security consultants Defcom.
http://www.theregister.co.uk/content/55/27810.html
----------------------------------------------------
(FUD of the week. Maybe the article should have its title changed to
'Bored teenagers in the Middle East engage in cybergraffiti' WEN)
[4] RPT-Pro-Islamic hackers gear up for cyber war-experts
Reuters, 10.29.02, 4:24 AM ET
By Michael Christie
SYDNEY, Oct 29 (Reuters) - Pro-Islamic hackers are on the frontline of a
potential new cyber war after the end of a ceasefire by "hacktivists"
and virus designers that followed the September 11 attacks on the United
States, Internet experts say.
Pro-Islamic hackers are escalating attacks against countries backing the
U.S. war on terror and its campaign against Iraq, while the "Bugbear"
worm and last week's strike on the Internet backbone signal that cyber
villains are again on the prowl.
http://www.forbes.com/home/newswire/2002/10/29/rtr769602.html
----------------------------------------------------
[5] Reuters accused of hack attack
'You're meant to report this stuff, not perpetrate it...'
Reuters has been accused of hacking by Swedish software company
Intentia, which claims its computer systems were breached and its third
quarter results were lifted before the scheduled release.
Intentia launched an internal investigation into the matter after
Reuters allegedly reported on their results before they were officially
released.
The company claims to have found evidence of "unauthorised entry" into
its computer systems. This entry occurred six minutes before Reuters
released a bulletin based on the Q3 profit report, according to a
statement made by the company.
http://www.silicon.com/public/door?REQUNIQ=1035891030&6004REQEVENT=&REQI
NT1=56153&REQSTR1=newsnow
----------------------------------------------------
'... Hardening the networks against intrusions or denial of service
attacks is critical, especially if the United States is preparing for
war. "We rely more on automated command and control that any other
country," he said. ...'
'... Getting Saddam Hussein's forces off the sophisticated communication
network will require a combination of fire-power -- targeting the right
nodes -- and other means, which he declined to identify. ...'
[6] Pentagon computers tougher for hackers
By Pamela Hess
UPI Pentagon Correspondent
>From the Washington Politics & Policy Desk
Published 10/28/2002 10:40 PM
NASHVILLE, Oct. 28 (UPI) -- The Department of Defense's computer
networks were probed by hackers 14,500 times last year, with just 70
getting in. Of those, only three caused any damage -- and they were the
same viruses that hobbled the private computer networks, according to
the Army's chief of intelligence.
The problem is not that hackers and virus-makers are getting better, but
that relatively low-level systems administrators are failing to stop
known gaps in their systems, said Lt. Gen. Robert Noonan, deputy chief
of staff for intelligence, at a conference of electronic warfare
professionals held here.
"That's staggering," he said. "The major problem is that our people
don't comply ... we put out patches, and systems administrators don't do
what they should do."
http://www.upi.com/view.cfm?StoryID=20021028-091658-8410r
----------------------------------------------------
[7] Talking security
Richard Clarke: White House Cyber Security Chief
By Hiawatha Bray, Globe Staff, 10/28/2002
With vandals trying to disrupt the Internet and probing the weaknesses
of America's corporate data networks, White House Cyber Security chief
Richard Clarke has his work cut out for him. Clarke, a Dorchester native
and MIT graduate, came to Boston recently to make the case for President
Bush's plan to secure cyberspace. He spoke to Globe technology reporter
Hiawatha Bray during a visit to the newspaper.
Q. What is the White House message to Americans about computer security?
http://www.boston.com/dailyglobe2/301/business/Talking_security+.shtml
----------------------------------------------------
[8] Universities asked to avert student file sharing
by Molly Brouillette
Photo by Beche Sprigg
October 28, 2002
The Recording Industry Associate of America, in conjunction with the
Motion Picture Association of America and other copyright owner trade
groups recently sent a letter to more than 2,000 university presidents
expressing concern about the prevalence of online piracy among college
students.
In only a few short years, file-sharing programs such as Kazaa, Audio
Galaxy and the now-defunct Napster have become huge fixtures on college
campuses, many of which offer high-speed Internet connections in their
dorms.
This has raised concern from the trade groups who are upset about the
copyright violations that file-sharing programs enable. In their letter,
the trade groups equated file sharing with stealing and warned
universities that students could be subject to legal liability for their
actions.
http://www.thetowerlight.com/vnews/display.v/ART/2002/10/28/3dbc80670189
c
----------------------------------------------------
[9] E-Commerce Patent Disputes Erupt
By Sebastian Rupley
Can, and should, anyone own patents on the fundamental technologies
behind e-commerce? Those questions have come up before, and often did so
during the heyday of the dot-coms. Then, owning patents for the
computer-to-computer transaction methods that enabled electronic
shopping was a central part of how e-commerce companies competed. Now,
there is a new set of legal disputes over what parts of e-commerce
processes can be protected by patents. Lawsuits brought by Chicago-based
divine, inc., a provider of software-driven and managed enterprise
services, charge that several e-commerce companies have breached its
patents. There could be more legal machinations implied, and some
sources tell PC Magazine that the disputes could quickly extend to any
site doing e-commerce.
http://www.pcmag.com/article2/0,4149,643418,00.asp
----------------------------------------------------
[10] Kournikova virus writer loses appeal and faces 150 hours' community
service
Tuesday 29 October 2002
A Dutch appeals court has upheld the conviction and sentence of the
22-year-old man who created and unleashed the Anna Kournikova e-mail
worm last year.
Last year, Jan de Wit was sentenced to 150 hours of community service
for creating and sending out the e-mail worm. The appeals court
confirmed the sentence.
"I had hoped he would be found not guilty," said Theo Jansen, De Wit's
lawyer. "My client never intended to do any damage and no damage was
ever proven."
No damage claims were filed with the prosecutor's office, but the US
Federal Bureau of Investigation (FBI) named 55 victims of the Kournikova
worm who suffered total damage of $166,827 (£107,340).
http://www.cw360.com/bin/bladerunner?REQSESS=HM7Y5CY&2149REQEVENT=&CARTI
=116988&CARTT=1&CCAT=2&CCHAN=22&CFLAV=1
----------------------------------------------------
[11] Report: Market forces not enough to improve security
By DAN VERTON
OCTOBER 24, 2002
Market forces alone are unlikely to create the necessary incentives for
businesses to make significant improvements in security, according to a
study published this month by the Brookings Institution.
The study, "Interdependent Security: Implications for Homeland Security
Policy and Other Areas," released Oct. 17 by the Washington-based public
policy think tank, argues that the shared-risk nature of today's
security environment actually discourages companies from making the
sometimes costly investments in security.
In addition, the report states that when industry-leading companies fail
to invest in certain security precautions -- because of cost or other
reasons -- the knowledge that those companies aren't making such
investments can help "clinch a decision not to proceed" at other firms.
http://www.computerworld.com/governmenttopics/government/story/0,10801,7
5347,00.html
----------------------------------------------------
[12] Mexico summit urges anti-piracy action
10:18 Tuesday 29th October 2002
Declan McCullagh, CNET News.com
Pacific Rim nations including the US and Japan are set to clamp down on
Internet piracy, and to follow Europe's lead in combating cybercrime
The United States, China, Japan and other Pacific Rim nations have
agreed to take more steps to curb Internet piracy and cooperate more
closely on punishing cybercrime.
At the Asia Pacific Economic Cooperation summit, which ended on Sunday
in Los Cabos, Mexico, President Bush and other politicians agreed on a
set of anti-terrorism and trade-related measures that included
"curtailing copyright infringement over the Internet" and enforcing
intellectual property treaties.
http://news.zdnet.co.uk/story/0,,t269-s2124638,00.html
----------------------------------------------------
[13] Perspective: Privacy advocates lose an ally
By Declan McCullagh
October 28, 2002, 10:00 AM PT
WASHINGTON--I'm going to miss Dick Armey, the crusty Texas Republican
and House majority leader who is retiring after 17 years in Congress.
No, I won't miss his repeated attempts to outlaw electronic vice. An
unapologetic social conservative, Armey voted to restrict online sales
of alcohol, prohibit Internet gambling and restrict the sale of violent
video games to minors.
Still, Armey emerged as one of the finest champions of privacy in
Washington, and his departure means that the House leadership will no
longer include anyone attuned to the perils of electronic snooping.
http://news.com.com/2010-1069-963537.html?tag=lh
----------------------------------------------------
[14] Australian team patents new firewall technology
By Stephen Withers, ZDNet Australia
28 October 2002
A Melbourne-based group has patented a new firewall architecture that
uses parallel processing and "self learning" techniques.
"These aren't just ordinary firewalls," said IntelliGuard IT
spokesperson Ken Baker. The software analyses the contents of packets
reaching the firewall "in more detail than anything else in the world,"
he added.
Current CPUs are not fast enough to perform such deep analysis in real
time without parallel processing, Baker explained, but deployment on
multiple processors also delivers scalability and redundancy. The
IntelliGuard software can be conveniently deployed on blade servers.
http://www.zdnet.com.au/newstech/security/story/0,2000024985,20269428,00
.htm
----------------------------------------------------
[15] Hackers claim to have cracked new "secure" Xbox
[PC Pro] 12:01
Two competing teams of hackers claim to have cracked the new 'secure'
Version 2 of the Xbox in under a week.
The teams claim that their modifications opens the door to allow the
Xbox to perform a number of tricks that Microsoft and graphics chip
designer Nvidia would prefer it didn't.
http://www.pcpro.co.uk/front_index.php?ip=1&page=%2Fnews%2Fnews_story.ph
p%3Fid%3D33615
----------------------------------------------------
[16] Army vendor team advances FCS
BY Dan Caterinicchia
Oct. 25, 2002
The lead systems integrator team for the Army's Future Combat System
announced this week that it has added new subcontractors to its team as
it nears completion of the FCS concept and technology development phase.
FCS will equip manned and unmanned Army vehicles with information and
communications systems to enable soldiers to conduct missions, including
command and control, surveillance and reconnaissance, direct and
indirect fire, and personnel transport.
http://www.fcw.com/fcw/articles/2002/1021/web-army-10-25-02.asp
----------------------------------------------------
[17] Attack of the Mod Squads
Game console mod chips can be used for everything from watching movies
to installing Linux on your X-Box. But under goofy copyright laws, the
piracy app kills all the others.
By Mark Rasch Oct 28, 2002
On September 16, 2002, Microsoft, Sony and Nintendo filed a lawsuit
against Hong Kong distributor Lik Sang International Ltd, in the High
Court of Hong Kong, alleging that the company had infringed copyrights
associated with their various gaming systems.
In response, the company shut down, and when it came back up three weeks
later, it was no longer selling mod chips. The affair is the strongest
demonstration yet of how gaming manufacturers -- with the cooperation of
various government agencies -- are cracking down not just on copyright
infringement, but also on basic technology itself.
http://online.securityfocus.com/columnists/119
----------------------------------------------------
_____________________________________________________________________
The source material may be copyrighted and all rights are
retained by the original author/publisher.
Copyright 2002, IWS - The Information Warfare Site
_____________________________________________________________________
Wanja Eric Naef
Webmaster & Principal Researcher
IWS - The Information Warfare Site
<http://www.iwar.org.uk>
---------------------------------------------------------------------
To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe
infocon" in the body
To unsubscribe - send an email to "[EMAIL PROTECTED]" with
"unsubscribe
infocon" in the body
---------------------------------------------------------------------
IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
