[INFOCON] - interesting GAO reports
[I am currently attending an interesting 3 day conference on National Security & Homeland Defense, hence the delay in posting. If I have time I might type up my conference notes and send them to a few people or maybe to the list. Below you will find some interesting GAO reports. WEN]

Homeland Security: Key Elements to Unify Efforts Are Underway but Uncertainty Remains. GAO-02-610, June 7.
http://www.gao.gov/cgi-bin/getrpt?GAO-02-610

Highway Infrastructure: Interstate Physical Conditions Have Improved, but Congestion and Other Pressures Continue. GAO-02-571, May 31.
http://www.gao.gov/cgi-bin/getrpt?GAO-02-571

Information Security: Corps of Engineers Making Improvements, but Weaknesses Continue. GAO-02-589, June 10.
http://www.gao.gov/cgi-bin/getrpt?GAO-02-589

TESTIMONY

National Preparedness: Integrating New and Existing Technology and Information Sharing Into an Effective Homeland Security Strategy, by Randall A. Yim, director, national preparedness issues, before the Subcommittee on Technology and Procurement Policy, House Committee on Government Reform. GAO-02-811T, June 7.
http://www.gao.gov/cgi-bin/getrpt?GAO-02-811T

Telecommunications: History and Current Issues Related to Radio Spectrum Management, by Peter F. Guerrero, director, physical infrastructure issues, before the Senate Committee on Commerce, Science, and Transportation. GAO-02-814T, June 11.
http://www.gao.gov/cgi-bin/getrpt?GAO-02-814T

IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk
[INFOCON] - OCIPEP DAILY BRIEF Number: DOB02-079 Date: 11 June 2002
OCIPEP DAILY BRIEF
Number: DOB02-079
Date: 11 June 2002

NEWS

OCIPEP Issues Advisory - Securing and Protecting Your Web Server

With the recent increase of web site defacements with anti-G8 messages, OCIPEP has issued an advisory reminding system and network administrators to maintain secure web servers. Web site defacements are normally, but not exclusively, a result of buffer overflows, poor coding (CGI scripts) and improper configurations. The advisory lists some of the basic measures to protect against defacements, such as keeping operating systems and applications software patched, checking logs regularly and maintaining a current backup of the systems.

Comment: OCIPEP's Advisory AV02-030 can be viewed at:
http://www.ocipep.gc.ca/emergencies/advisories/AV02-030_e.html

Homeland Security Department Will Be Big Spender

The proposed U.S. Department of Homeland Security would have an annual procurement budget of US$5 billion, one of the largest in the country, according to David Litman, a senior procurement executive at the Transportation Department. A large portion of the procurement budget, about 20 percent, would come from the newly-created Transportation Security Administration, which has just awarded a US$5.5-billion contract to Boeing Services Company for the deployment of about 1,100 explosive-detection machines to screen passenger luggage. The Coast Guard and Customs Service will also require a large share of procurement dollars to continue their ongoing modernization programs. (Source: govexec.com, 10 June 2002)
http://www.govexec.com/dailyfed/0602/061002g1.htm

Comment: A full text of the Bush Administration's proposal for a Department of Homeland Security is available at:
http://www.govexec.com/dailyfed/0602/060602bushproposal.htm

IN BRIEF

Increased Military Presence at G8 Summit

The Canadian Forces will have about 5,000 soldiers in the Kananaskis area to help ensure security at the G8 Summit.
Military fighter jets and helicopters will be in the air during the Summit, and the increased presence on the ground will be felt both in Calgary and in Kananaskis. (Source: CBC News, 10 June 2002)
http://calgary.cbc.ca/template/servlet/View?filename=ml_6102002

State of Emergency Declared in Southern Alberta

A state of emergency has been declared in parts of southern Alberta, where heavy rains have flooded homes and roads over the past three days. Some residents had to be moved to nearby schools, and it could be a week or more before they can go back to their homes. (Source: CBC News, 11 June 2002)
http://www.cbc.ca/stories/2002/06/11/ab_floods020611

"Dirty Bomb" Would Produce Low Radiation Level

Heart attacks resulting from the chaos created by the explosion of a "dirty bomb" would claim more victims than radiation poisoning, according to the American Institute of Physics' web site. Exposure to radiation levels would be low, and the initial death toll would come mostly from the explosion of the device itself. (Source: CNN.com, 10 June 2002)
http://www.cnn.com/2002/HEALTH/06/10/dirty.bomb.health/index.html

Restructuring Will Help Government Agencies Work With Private Sector

The restructuring of U.S. cybercrime agencies will improve federal coordination with the private sector, according to White House cybersecurity chief Richard Clarke. The proposal outlined by President Bush would bring together the FBI's National Infrastructure Protection Center and the U.S. Commerce Department's Critical Infrastructure Assurance Office, which both work extensively with the private sector. (Source: Computerworld, 10 June 2002)
http://www.computerworld.com/securitytopics/security/story/0,10801,71903,00.html

CYBER UPDATES

See: What's New for the latest Alerts, Advisories and Information Products

Threats

Symantec reports on Backdoor.Latinus, which is a Trojan that can log keystrokes and send them to the hacker.
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.latinus.html

Symantec reports on W32.Frethem.D@mm, which is a variant of W32.Frethem.B@mm worm that uses its own SMTP engine to propagate via e-mail. It arrives with the subject line "Re: Your password!" and the attachment "decrypt-password.exe".
http:[EMAIL PROTECTED] l

Symantec reports on W32.Chier@mm, which is a worm that uses its own SMTP engine to propagate via e-mail. It arrives with the subject line "Hi, i am " and the attachment "p.exe".
http:[EMAIL PROTECTED]

Trend Micro reports on VBS_NEMITE.A, which is a VBScript worm embedded in an HTML file that propagates via e-mail. It arrives with the subject line "HI" and the attachment "Syashin3.vbs".
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=VBS_NEMITE.A

Sophos reports on Troj/DSS-A, which is a Trojan that is likely to arrive in an e-mail as an attachment called "OPENME.EXE".
http://sophos.com/virusinfo/analyses/trojdssa.html

Vulnerabilities

SecurityFocus reports on a buffer overflow vulnerability in Microsoft's ASP.NET StateServer process that could allow a remot
[INFOCON] - NIPC Daily Report 11 June, 2002
NIPC Daily Report
11 June, 2002

The NIPC Watch and Warning Unit compiles this report to inform recipients of issues impacting the integrity and capability of the nation's critical infrastructures.

American citizen arrested for plotting to build and detonate radioactive dirty bomb. An American citizen, with alleged ties to the al Qaeda terror network, has been arrested on suspicion of plotting to build and detonate a radioactive "dirty" bomb in the United States. Abdullah al Muhajir, 31, was transferred late Sunday to a naval brig in South Carolina after President Bush designated him an "enemy combatant." (Washington Post, 10 June)

Old code in Windows is a security threat. Microsoft is attempting to quickly retire old code in its Windows operating system and other software as a result of the company's four-month-old "trustworthy computing" initiative. The revelation follows last week's warning that a serious vulnerability in Microsoft's Internet Explorer occurred in the software supporting a decade-old protocol that has rarely been used since the World Wide Web became popular. The company is rushing to eliminate old code as a result of criticism that Microsoft's security initiative has been slow to show results. The company has reported more than 30 vulnerabilities since the initiative began. (CNET News, 9 June)

Government asks Industry to aid in security gateway solution. A government team leading the development of a security gateway asked industry last week for possible solutions to make the initiative a reality. The new system will authenticate users accessing e-government services, by validating a credential such as a password or digital certificate previously issued. The gateway prototype is expected to be operational in September, working with two to four of the other e-government initiatives overseen by the Office of Management and Budget as part of President Bush's E-Government Strategy.
(Federal Computer Week, 10 June)

Hacker gurus recruit unsuspecting youth. Sophisticated online "mentors" are helping unsuspecting young people cause serious damage to personal computers. Hacking gurus are taking advantage of curious young people, swaying them to try their hand at hacking and virus writing. Mentors are distributing virus-writing and hacking software on more than 30,000 Web sites. The most dangerous aspect is the potential for a mentor to use inexperienced Internet users to accomplish political or terrorist-minded goals; however, there is little evidence that shows young hackers are being utilized by terrorists or organized crime. Online software or tool-kits allow people to write malicious code almost as easily as creating a Microsoft Word document. Novice hackers are using the software to write new variants of viruses, such as Klez or Code Red, or hack into a computer network without realizing how much damage their actions may cause. Hacking and virus writing have been made popular in books and films such as The Matrix, Hackers and Swordfish. Many teens, looking to mimic what they see in popular culture, join underground hacking groups and quickly realize a mentor's toolkits are the easiest way to break into the world of hacking. Unsophisticated or novice hackers often lack a sense of responsibility, are unaware of the capabilities of the hacker tools they use, do not appreciate the implications of hacking, or are unconcerned about the consequences of their actions. (Ottawa Citizen, 6 June)

Fire threatens Denver metropolitan area; up to 40,000 people could be evacuated. On 10 June, a wind-driven wildfire hit Denver. Up to 40,000 people might be forced to leave their homes along the southwestern edge of the metropolitan area. The fire has burned across more than 75,000 acres and is within five miles of residential neighborhoods, spreading toward Denver at about a mile an hour.
The fire was started by an illegal campfire on Saturday, 9 June, in the Pike National Forest 55 miles southwest of Denver. Nearly 300 firefighters were on the lines and more crews were ordered into place. Four bombers and four helicopters dropped fire retardant and water. "There's nothing that can be done to stop this fire under current weather and fuel conditions," said Gov. Bill Owens. (Associated Press, 10 June)

RM