NIPC Daily Report 25 July 2002
The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nations critical infrastructures. Congress sends $28.9B terror package to Bush. Congress sent President Bush a $28.9 billion counterterrorism package on 24 July, after the price of the package was resolved between the White House and lawmakers. Half the funds in the bill are for the Pentagon and intelligence activities, while the rest are for programs like security at ports and nuclear facilities, New York's rebuilding efforts, aid to allies like Afghanistan and Indonesia, and a number of home-district projects won by lawmakers. The bill includes $14.5 billion for defense and intelligence; $6.7 billion for aviation safety, the FBI and other domestic security programs; $5.5 billion for New York; and $2.1 billion for foreign aid and US diplomatic programs. Other projects include $6 million to upgrade a US Geological Survey data center near Sioux Falls, S.D.; $10 million for farmers near the Rio Grande involved in a water dispute with Mexico; and $7 million for enhancing water supplies in New Mexico. (Associated Press, 24 Jul) Senators challenge foreign companies' use Of US stock markets. US senators want the Central Intelligence Agency (CIA) to publicly identify those foreign companies raising money in US markets that are suspected of aiding the spread of weapons of mass destruction. The Senate Intelligence Committee amended the CIA's fiscal 2003 budget to require an annual listing after a congressional audit found that some Chinese and Russian companies raising money in US equity markets are complicit in the spread of chemical, biological and nuclear weapons. The report by the Congress's General Accounting Office (GAO) is classified. Auditors have discussed its contents with congressional, intelligence and executive branch officials, as well as members of the China Commission, which Congress established to review whether trade and business relations with China might be jeopardizing US national security. China may have raised more than $14 billion through US IPOs since 1998, or more than 70 percent of the $20 billion that Chinese firms raised in the period, analyst Gordon G. Chang told the committee in a report entitled ``China's Capital Needs.'' The GAO report is the first US examination of the role in US capital markets of foreign companies suspected of being involved in developing weapons of mass destruction, dealing with the Chinese military and intelligence service, or covertly transferring US technology to other nations. (Bloomberg News , 23 Jul) Executives advised to take role in Internet security. A guide, to be released on 24 July by the Internet Security Alliance, recommends that executives adopt 10 key practices in order to protect their organizations' vulnerable networks and content. The alliance is the joint effort of Carnegie Mellon University's Software Engineering Institute, the institute's CERT Coordination Center and the Electronics Industries Alliance. The guide, which will be available on the alliance's Web site, suggests that senior managers identify the security risks within their organizations, create specific policies to address the problems, provide necessary funding to implement and maintain security measures, and make users accountable for their actions. Other recommendations include the use of system-monitoring tools, development of emergency recovery plans, and the regulation of access to key physical assets. (Washington Post, 24 Jul) FAA grounds all foreign pilots. The Federal Aviation Administration (FAA) has put out a new mandate that effectively grounds licensed pilots from other countries to enhance safety. The FAA quickly and quietly issued a directive on 16 July that prohibits foreign pilots from flying in this country, renting planes, and taking lessons. Effective immediately, the government is no longer issuing 'courtesy licenses,' where a person from another country with a current pilot's license is honored in the US. The new directive leaves many unanswered questions. Flight school instructors want to know if it means they have to discontinue flying with licensed foreign pilots who already have the certificate. The FAA says the agency is working on a new procedure. (nbc-2.com/News/stories, 23 Jul) WebTV 'virus' calls the cops, MSNTV email worm hijacks modems and phones 911. Reports are coming in from the US of the first 'virus' to affect Microsoft's WebTV boxes. The malicious code causes the machine to dial 911, the US emergency services number, and has reportedly resulted in police officers being dispatched to WebTV users' homes. Microsoft said that a virus that spreads via e-mail is hijacking the machines. Once the malicious attachment is executed, the WebTV box reboots and dials out to 911. An officer is usually dispatched to the caller's address if the caller does not reply. The 'virus' looks more like a known modem exploit, which affects all operating systems with a dial-up connection. Most modems today use the Hayes Command Set for their instructions, and a glitch in the way modems handle certain strings leaves them susceptible to denial of service attacks. (Vunet, 24 Jul) IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
