_________________________________________________________________ London, Friday, May 31, 2002 _________________________________________________________________
INFOCON News _________________________________________________________________ IWS - The Information Warfare Site http://www.iwar.org.uk _________________________________________________________________ IWS Sponsor National Center for Manufacturing Sciences http://www.ncms.org host of the InfraGard Manufacturing Industry Association http://trust.ncms.org _________________________________________________________________ ---------------------------------------------------- [News Index] ---------------------------------------------------- [1] Ridge speaks out on restructuring homeland security agencies [2] Virus warning: SQL worm trumps Nimda and Code Red [3] Hackers Crack Copy Protection CD's [4] Japan space hackers nabbed for spying [5] (UK) Govt freezes e-tax filing [6] FBI agent blames outdated technology for failure to prevent terror attacks [7] Securing Privacy Part Four: Internet Issues [8] Notorious hacker hits TheNerds.net [9] The next hacker target: instant messaging [10] Low-tech solution to password problem [11] FBI director unveils plan for agency overhaul [12] FBI and CIA coming on-line with new powers [13] (AU) 'Spammer' punished for war hang-up [14] Hacker 'King Kimble' handed fraud conviction [15] (UK) Cypherpunks aim to torpedo RIP key seizure plan [16] Scientists set to unveil anti-terrorism ideas in late June [17] Congressional panel issues information security report [18] EU set to weaken Net privacy regime _________________________________________________________________ News _________________________________________________________________ [1] Ridge speaks out on restructuring homeland security agencies By Katherine McIntire Peters The White House is poised to recommend reorganizing federal agencies to more effectively control people and goods at U.S. borders and help local police, firefighters and health care workers respond after terrorist attacks. The recommendations are to be included in the homeland security strategy, which is being developed by the White House Office of Homeland Security. Homeland Security Director Tom Ridge discussed some of his thinking over lunch with editors and writers at National Journal Group, including Government Executive's Katherine McIntire Peters. Q: Thousands of people enter this country illegally every day. Most just walk across the border. This is after a decade of spending billions of dollars to increase staffing, equipment and intelligence on the border. How big a concern is that to you when you look at homeland security vulnerabilities, and what is a realistic way of dealing with it? A: We have 5,000 miles of border with Canada and 2,500 miles of border with Mexico. If you add the coastline, we've got about 95,000 miles of unprotected navigable border. That openness, that size, is obviously a point of vulnerability where we know we need to enhance security. http://www.govexec.com/dailyfed/0502/053002kp1.htm ---------------------------------------------------- [2] Virus warning: SQL worm trumps Nimda and Code Red An internet worm that attacks Microsoft's SQL Server database has caused more attacks in the past week than last year's most notorious worms, Nimda and Code Red. http://www.silicon.com/bin/bladerunner?30REQEVENT=&REQAUTH=21046&14001REQSUB =REQINT1=53664 ---------------------------------------------------- [3] Hackers Crack Copy Protection CD's By THE ASSOCIATED PRESS Filed at 7:17 p.m. ET SAN FRANCISCO (AP) -- Some music fans are trying to fake out CD copy protection technology with the stroke of a felt-tip pen. The tactic is being used in Europe, where Sony is trying out a copy protection method. That model won't be coming to America, the company says. The crack in the copy protection is the talk of the town on Internet message boards, though Digital Audio Disc Corporation, Sony Corp.'s CD manufacturing unit, is not amused. http://www.nytimes.com/aponline/technology/AP-Felt-Tip-Hackers.html?ex=10235 08800&en=06d4d4bcbe8392c0&ei=5040&partner=MOREOVER ---------------------------------------------------- [4] Japan space hackers nabbed for spying TOKYO, Japan (AP) --Three workers at a major Japanese aerospace company have been arrested for allegedly hacking into the computer network of Japan's space agency to spy on a rival company. http://europe.cnn.com/2002/WORLD/asiapcf/east/05/30/japan.spacehackers.ap/in dex.html ---------------------------------------------------- [5] Govt freezes e-tax filing By Drew Cullen Posted: 31/05/2002 at 08:50 GMT Oh dear. The Inland Revenue suspended its online tax-self assessment service yesterday after users complained that they could see the tax returns of other people when they logged on to the site. http://www.theregister.co.uk/content/23/25522.html http://money.telegraph.co.uk/news/main.jhtml?xml=/news/2002/05/31/nrev31.xml &sSheet=/money/2002/05/31/ixfrontcity.html ---------------------------------------------------- [6] FBI agent blames outdated technology for failure to prevent terror attacks >From National Journal's Technology Daily A lack of modern computer technology was a key reason the FBI failed to prevent the Sept. 11 terrorist attacks, according to a special agent from the Chicago field office who on Thursday became the second agent in two weeks to accuse officials at FBI headquarters of mismanagement and obstruction of terrorism-related investigations. Robert Wright, who has investigated money laundering linked to terrorism, said FBI management "intentionally and repeatedly thwarted and obstructed" his attempts to identify terrorists and their financial backers. He argued that management problems have rendered the bureau incapable of protecting Americans against terrorist threats. "Knowing what I know, I can confidently say that until the investigative responsibilities for terrorism are transferred from the FBI, I will not feel safe," said Wright, who called for the creation of a new anti-terrorism agency. http://www.govexec.com/dailyfed/0502/053002td2.htm ---------------------------------------------------- [7] Securing Privacy Part Four: Internet Issues by Scott Granneman last updated May 29, 2002 This is the fourth and final installment in a series devoted to protecting users' privacy on the Internet. So far in this series, we've examined privacy issues concerning hardware, software, and e-mail. In this article, we will look more generally at our usage of the Internet. The Internet offers all of us unparalleled access to information, but it also brings with it unique threats to our privacy. This article will examine some of the ways you can protect yourself. http://online.securityfocus.com/infocus/1585 ---------------------------------------------------- [8] Notorious hacker hits TheNerds.net 'Zilterio' strikes for the fourth time in 8 months By Bob Sullivan MSNBC May 29 - A notorious online extortionist using the name "Zilterio" has struck again. This time, some customers of TheNerds.Net, an electronics retailer, received e-mails from [EMAIL PROTECTED], indicating their credit card data had been stolen from the site. This is the fourth Web site in 8 months attacked by someone claiming to be Zilterio - in the past, the extortionist demanded $50,000 in exchange for silence. http://www.msnbc.com/news/759029.asp ---------------------------------------------------- [9] The next hacker target: instant messaging By Robert Vamosi ZDNet Reviews May 30, 2002, 4:45 AM PT COMMENTARY--You'd better keep an eye on your handy instant messenging app, according to security software and advisory firm Internet Security Systems (ISS). Why? Now that companies are getting better at stopping e-mail viruses, says Dan Ingevaldson, director of R&D at ISS, instant messengers are the next obvious target for malicious code and viruses in the future. Also, most popular chat apps do not use a secure layer for text messages, meaning that anyone could intercept and read IM chats outside your corporate firewall. http://zdnet.com.com/2100-1107-928415.html ---------------------------------------------------- [10] Low-tech solution to password problem Could this card be answer to the password puzzle? A British inventor has come up with a low-tech answer to the problem of having a secure password. http://news.bbc.co.uk/hi/english/sci/tech/newsid_2006000/2006940.stm ---------------------------------------------------- [Great words, but actions speak louder than words. WEN] [11] FBI director unveils plan for agency overhaul By Tanya N. Ballard FBI Director Robert Mueller announced plans Wednesday to hire hundreds of new agents, replace outdated computer systems and create new offices in an effort to reorganize the 94-year-old agency and shift its mission to preventing terrorism. Mueller unveiled a 19-item list of the FBI's future priorities, headed by protecting the country from terrorist attacks and guarding against espionage. He outlined actions the agency will take to address those priorities, including shifting agents from drug, white-collar crime and violent crime investigations to counterterrorism operations and hiring 900 agents with foreign language, technology, engineering and science skills by September. The FBI will also collaborate more aggressively with other law enforcement agencies, Mueller said. "We have to do a better job recruiting, managing and training our workforce, collaborating with others, and-critically important-managing, analyzing and sharing information," Mueller said. "In essence, we need a different approach that puts prevention above all else." http://www.govexec.com/dailyfed/0502/052902t1.htm http://online.securityfocus.com/news/456 http://www.fbi.gov/page2/reorg529temp.htm http://www.fbi.gov/pressrel/speeches/speech052902.htm ---------------------------------------------------- [12] FBI and CIA coming on-line with new powers By Thomas C Greene in Washington Posted: 30/05/2002 at 10:59 GMT The FBI has assumed new powers to investigate people and organizations not even suspected of crime, with blessings from the US Department of Justice and its terror-terrified Lord Protector John Ashcroft. http://www.theregister.co.uk/content/55/25508.html ---------------------------------------------------- [13] 'Spammer' punished for war hang-up By Jamie Berry May 30 2002 An anti-war protester who jammed phone lines at Liberal Party offices around Australia before last year's federal election has been ordered to do 60 hours of community work. http://www.theage.com.au/articles/2002/05/29/1022569792822.html ---------------------------------------------------- [14] Hacker 'King Kimble' handed fraud conviction Kim "Kimble" Schmitz, German hacker, shameless self-publicist and one-time backer of Letsbuyit.com, has been convicted of insider dealing. http://www.silicon.com/bin/bladerunner?30REQEVENT=&REQAUTH=21046&14001REQSUB =REQINT1=53698 ---------------------------------------------------- [15] Cypherpunks aim to torpedo RIP key seizure plan By John Leyden Posted: 29/05/2002 at 15:10 GMT Privacy activists plan to undermine forthcoming UK Government regulations on the surrender of encryption keys through the release of an open-source cryptography project, called m-o-o-t. The Home Office hopes to publish a much delayed draft Code of Practice for part three of the Regulation of Investigatory Powers (RIP) Act, which deals with procedures for law enforcer to gain access to encryption keys or plain-text versions of scrambled messages, next month. http://www.theregister.co.uk/content/55/25499.html ---------------------------------------------------- [16] Scientists set to unveil anti-terrorism ideas in late June By Bara Vaida, National Journal's Technology Daily The National Academy of Sciences, National Academy of Engineering, Institute of Medicine and National Research Council plan to publish a list of recommendations on how the Bush administration can best use the nation's scientific and technical resources to counter terrorist threats. Lewis Branscombe, co-chairman of the National Academies Committee on Science and Technology for Countering Terrorism, said the plan currently is being reviewed and likely will be released June 24 or June 25-shortly before the administration is expected to produce its broader strategy on homeland security. "What we've tried to do is identify technologies that can be deployed immediately and technologies where research and development should be focused ... that could take one to three to four years" to be ready for deployment, Branscombe said at a press briefing hosted by King Publishing on Wednesday. http://www.govexec.com/dailyfed/0502/052902td1.htm ---------------------------------------------------- [17] Congressional panel issues information security report >From National Journal's Technology Daily Congress' Joint Economic Committee on Wednesday issued a compilation of essays titled "Security in the Information Age" heavily focusing on cyber security and critical infrastructure protection. "We must be better aware of our vulnerabilities and develop viable strategies to detect, deter, and counter both physical and cyber-based threats to our people and infrastructures," said Chairman James Saxon, R-N.J. Saxon said the reports grew out of the interest that committee member Sen. Robert Bennett, R-Utah-who selected the contributors-had shown in the subject. "In bringing us an exciting new era of technology, the information age has also given us a new set of security challenges," Bennett said. "The primary message of today's report is that we must think differently about national security in the new networked world." Contributors to the report include Undersecretary of State Kenneth Juster, Microsoft security chief Scott Charney and John Tritak, director of the Critical Infrastructure Assurance Office. http://www.govexec.com/dailyfed/0502/052902td2.htm ---------------------------------------------------- [18] EU set to weaken Net privacy regime Paul Meller The New York Times Thursday, May 30, 2002 Records could be kept longer BRUSSELS The European Parliament is expected to back a new law on data protection in a vote on Thursday, despite fierce opposition from civil rights groups, telecommunications companies and Internet service providers. In December, the 15 EU governments inserted a clause into the draft law calling on telecoms companies and ISPs to lengthen the time they retain information on their customers' log of phone calls or e-mail and Internet connections. The proposed law calls for the companies to keep such information beyond the one- or two-month period it normally is held for billing purposes, to assist police investigations. Existing European data-protection laws rule that so-called traffic data should be stored for no longer than the billing period. The current laws also place greater restrictions on law enforcement officials' rights of access to such data. http://www.iht.com/articles/59491.html http://www.dmnews.com/cgi-bin/artprevbot.cgi?article_id=20569 ---------------------------------------------------- _____________________________________________________________________ The source material may be copyrighted and all rights are retained by the original author/publisher. Copyright 2002, IWS - The Information Warfare Site _____________________________________________________________________ Wanja Eric Naef Webmaster & Principal Researcher IWS - The Information Warfare Site <http://www.iwar.org.uk> --------------------------------------------------------------------- To subscribe - send an email to "[EMAIL PROTECTED]" with "subscribe infocon" in the body To unsubscribe - send an email to "[EMAIL PROTECTED]" with "unsubscribe infocon" in the body --------------------------------------------------------------------- IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk