Tuesday, June 29, 2004

SEC: Security In The News 6/28/04

Security In The News


This report is also available on the Internet at

NCS boss to leave:
Federal Computer Week, 6/24/04

Border security going digital:
The Courier-Mail, 6/29/04

Police to Set Up Anti-Cyber Terror Unit:
The Korea Times, 6/25/04

Wi-fi hopper guilty of cyber-extortion:
Security Focus, 6/25/04

New Australia Law to Target Cyberspace Pedophiles:
Reuters, 6/25/04

Congress Passes ID Theft Bill:
EWeek.com, 6/25/04

Congress Looks Out for Hollywood:
Wired News, 6/26/04
Also - Reuters, 6/24/04
Also - Reuters, 6/25/04
Also - Reuters, 6/25/04

Wi-Fi security standard sealed and delivered:
ZDNet, 6/25/04
Also - Network World Fusion, 6/25/04

Qovia Tackles Burgeoning 'Voice Spam':
EWeek (AP), 6/26/04

VeriSign introduces e-mail, antiphishing services:
InfoWorld, 6/28/04

Juniper simplifies secure log-in:
C-Net News, 6/28/04

Security Breaches, Congestion Found At Trade Show WLAN:
Mobile Pipeline, 6/24/04

CERT recommends anything but IE:
The Register, 6/28/04

Human Firewall gets new owner:
C-Net News, 6/25/04

Homeland Security & Infrastructure Protection

Title: NCS boss to leave
Source: Federal Computer Week
Date Written: June 24, 2004
Date Collected: June 28, 2004
Brenton Greene is leaving his post as deputy manager of the National Communications System (NCS) to return to the private sector. As deputy manager, Mr. Greene oversaw the day-to-day policies and the programmatic and technical aspects of federal communications for national security and emergency preparedness. The NCS is an interagency group with representatives from 23 federal departments and agencies that coordinates communications during emergencies. Mr. Greene coordinated the transfer of NCS from the Defense Department to Homeland Security in 2003. He also oversaw the deployment of the Wireless Priority Service, which gives federal officials wireless telephone communications even when wireless networks are saturated, and coordinated emergency communications following the September 11, 2001, terrorist attacks, earning the agency a Joint Meritorious Unit Commendation from Defense Secretary Donald Rumsfeld. Peter Fonash, chief of the NCS Technology and Programs Division, will act as deputy manager until a permanent replacement is found.


Title: Border security going digital
Source: The Courier-Mail
Date Written: June 29, 2004
Date Collected: June 28, 2004
Australia will run three test programs using biometrics to improve border control. The Department of Immigration plans to build an Identity Services Repository as part of an AU$4.4 million project to store photos, fingerprints, iris scans, and other biometric identifiers of visa applicants, to be compared with watch lists at each stage of the visa process. The project is made possible by legislation allowing Immigration to record identifiers of non-citizens starting in August 2004; the project will depend on applicant acceptance, and fingerprints will only be taken if someone comes under suspicion. Currently, Immigration only plans to digitize information already taken from immigrants. While the United States fingerprints all visitors, Australia will not, given the cost and complexity of managing the data. Customs will receive AU$3.1 million to extend the SmartGate facial recognition system, while the Department of Foreign Affairs and Trade will receive AU$2.2 million for biometric passports.



Title: Police to Set Up Anti-Cyber Terror Unit
Source: The Korea Times
Date Written: June 25, 2004
Date Collected: June 28, 2004
South Korea's National Police Agency (NPA) plans to build an anti-cyberterror unit of 110 people, headed by a high-ranking police officer, by the end of 2004, following a recent spate of attacks against government computers and the spread of images of the beheading of Kim Sun-il in Iraq. The NPA currently has a small division devoted to cyberterror, which will be expanded into four sections: prevention, technology development, investigation, and international cooperation. A cyberterror investigation group was created in 1995 and expanded in 1997 to cover cybercrime, with ten members. The Korean government expects more cyber attacks against Korean computers following the deployment of Korean troops to Iraq. The new unit will be comparable to the Cyber Division of the US Federal Bureau of Investigation (FBI) and Britain's National High-Tech Crime Unit (NHTCU).


Title: Wi-fi hopper guilty of cyber-extortion
Source: Security Focus
Date Written: June 25, 2004
Date Collected: June 28, 2004
Myron Tereshchuk, 42, of Maryland, has pled guilty to one charge of attempted extortion affecting commerce for demanding $17 million from MicroPatent, a Connecticut intellectual property firm. Mr. Tereshchuk ran a competing patent document service, and was caught removing files from the US Patent and Trademark Office (USPTO) and temporarily banned from the facility. Mr. Tereshchuk believed he was banned due to corruption at the USPTO, and blamed MicroPatent. He began penetrating their computer systems, going through trash and harassing MicroPatent's president and customers over e-mail. FBI (Federal Bureau of Investigation) agents tracked some of the e-mails to unsecured 802.11b wireless networks in Maryland. Investigators considered him a prime suspect due to past incidents with MicroPatent. Police surveilled Mr. Tereshchuk as he used computers at the University of Maryland to send e-mails. Investigators also found components for hand grenades and the formula and ingredients for ricin when they searched his home.



Title: New Australia Law to Target Cyberspace Pedophiles
Source: Reuters
Date Written: June 25, 2004
Date Collected: June 28, 2004
The Australian Senate is considering a law that would make using the Internet to solicit children younger than 16 years of age for sex punishable by fifteen years imprisonment, and ten years imprisonment for accessing or transmitting child pornography. Police officers could also use fake identities in chatrooms to catch pedophiles, as well as join in a task force with the United States, Britain, and Canada to patrol chatrooms. Around 85% of child pornography seized in Australia is traded over the Internet; Microsoft's MSN shut down its chatrooms in 2003, arguing that they have become a haven for pedophiles.


Title: Congress Passes ID Theft Bill
Source: EWeek.com
Date Written: June 25, 2004
Date Collected: June 28, 2004
The US Senate has passed the Identity Theft Penalty Enhancement Act, defining a new crime--aggravated identity theft--and increasing criminal penalties for related crimes. Aggravated identity theft is the use of a stolen identity to commit certain other crimes, and has a mandatory sentence of two years imprisonment--five years if an identity is stolen for terrorism. The House of Representatives has also passed the bill, written by Representative John Carter (R-Texas). The bill instructs the US Sentencing Commission to revise guidelines for cases of identity theft by insiders, who account for a large proportion of such crimes, particularly in health care and finance. The bill does not require organizations to protect personal data they store, as legislation regarding private sector security practices has found little support.


Title: Congress Looks Out for Hollywood
Source: Wired News
Date Written: June 26, 2004
Date Collected: June 28, 2004
US Congress passed or advanced a number of bills aimed at copyright infringement, identity theft, and spyware. The Inducing Infringement of Copyrights Act, also known as the Induce Act, backed by Senator Orrin Hatch (R-Utah) and cosponsored by Sen. Patrick Leahy (D-Vermont), seeks to "allow creative artists to sue corporations that profit by encouraging children, teenagers and others to commit illegal or criminal acts of copyright infringement", according to a press release from Mr. Hatch's office. However, critics such as Jason Schultz of the Electronic Frontier Foundation (EFF) find the bill too broad, arguing that it would outlaw such common technologies as iPods and FTP (file transfer protocol) servers. Analysts do not expect the bill to find wide support. The Artists' Rights and Theft Prevention (ART) Act, passed unanimously by the Senate, makes recording movies in a theatre punishable by up to ten years in prison and increases penalties for distributing films or music before their official release date. The Protecting Intellectual Rights Against Theft and Expropriation (PIRATE) Act authorizes the Justice Department to pursue civil suits, rather than criminal cases, against copyright infringers. The Identity Theft Penalty Enhancement Act establishes tougher penalties for identity theft. The Securely Protect Yourself Against Cyber Trespass (SPY ACT) Act, approved by a congressional committee, requires software makers to notify users before installing spyware and to make spyware easy to remove, and establishes millions in fines for using spyware for identity theft.

Also - http://www.reuters.com/newsArticle.jhtml?storyID=5508905

Also - http://www.reuters.com/newsArticle.jhtml?storyID=5519761

Also - http://www.reuters.com/newsArticle.jhtml?storyID=5518668


Title: Wi-Fi security standard sealed and delivered
Source: ZDNet
Date Written: June 25, 2004
Date Collected: June 28, 2004
The Institute of Electrical and Electronics Engineers (IEEE) has ratified the 802.11i standard, adding stronger security to Wi-Fi wireless networks. Many of 802.11i's components have already been built into wireless products in anticipation of its approval. Earlier 802.11 standards used the easily cracked WEP (Wired Equivalent Privacy) encryption; the new standard uses AES (Advanced Encryption Standard), supporting 128-bit, 192-bit, and 256-bit keys. Intel will add 802.11i to its Centrino chipset following Wi-Fi Alliance certification, expected in September 2004. Other standards under development are 802.11e for quality of service, 802.11r for roaming between networks, and 802.11n, which promises transmission rates of more than 100 megabits per second.

Also - http://www.nwfusion.com/news/2004/0625stronwlan.html

Title: Qovia Tackles Burgeoning 'Voice Spam'
Source: EWeek (AP)
Date Written: June 26, 2004
Date Collected: June 28, 2004
Technology company Qovia says it has developed technology to prevent "voice spam", telemarketing pitches that exploit VoIP (Voice over Internet Protocol) in much the same way as e-mail spam exploits the Internet. Qovia vice-president R. Pierce Reid says his company decided to create spam blocking for VoIP before it became a problem, and that it will file a patent application within a week. Qovia's technology is based on algorithms that recognize patterns in phone calls that match recorded sales pitches. 13% of international voice traffic is carried over the Internet, according to TeleGeography.


Title: VeriSign introduces e-mail, antiphishing services
Source: InfoWorld
Date Written: June 28, 2004
Date Collected: June 28, 2004
VeriSign has launched two new services to help companies protect themselves from spam, viruses, and phishing scams. The VeriSign Email Security Service intercepts and filters e-mails before delivering them to customer servers. Customers can use the service by modifying their mail exchange (MX) record to point to the Email Security Service servers, powered by FrontBridge Technologies. The Anti-Phishing Solution will leverage VeriSign's domain name monitoring service, web crawlers, spam filters, and customer complaint services to spot spoof websites used in phishing scams. VeriSign can use its relations with web hosts to shut down spoof sites. VeriSign will also offer paid consulting services to help organizations create training and policies to address phishing scams. VeriSign plans to support sender authentication plans, such as Sender ID, to cut down on spam. Both services will be available July 12, 2004, and will cost between one and three dollars per user per month.


Title: Juniper simplifies secure log-in
Source: C-Net News
Date Written: June 28, 2004
Date Collected: June 28, 2004
Juniper Networks has updated its SSL VPN (Secure Sockets Layer Virtual Private Network) with support for SAML (Security Assertion Markup Language). SSL VPNs work on the application layer, forcing remote workers to log in every time they use a new application; SAML will require only one log-in for multiple applications. Juniper is working with Entrust, IBM, Netegrity, Oblix, OpenNetwork and RSA Security to build interoperability into their access management products. The SSL VPN market has heated up, with larger companies acquiring start-ups with such technology, or in the case of Cisco and Check Point Software, developing their own. Juniper purchased Netscreen to acquire SSL VPN. SAML is an OASIS (Organization for the Advancement of Structured Information Standards) standard built on XML (Extensible Markup Language) to allow the scalable protected exchange of authentication data.


Vulnerabilities & Exploits

Title: Security Breaches, Congestion Found At Trade Show WLAN
Source: Mobile Pipeline
Date Written: June 24, 2004
Date Collected: June 28, 2004
AirDefense reports that attendees of the Supercomm trade show in Chicago congested WLANs (wireless local area networks) and created a number of breaches. AirDefense found a large number of "soft access points", laptops with software enabling them to act as access points, adding to the confusion and congestion. At one point, 117 users tried to use the same access point simultaneously. Only 10% used a VPN (virtual private network) to protect their connections, while AirDefense found fifty devices scanning the networks and forty using spoofed MAC (Media Access Control) addresses. AirDefense also found eight access point hijackings, but those may have been demonstrations of security products.


Title: CERT recommends anything but IE
Source: The Register
Date Written: June 28, 2004
Date Collected: June 28, 2004
US CERT (United States Computer Emergency Readiness Team) has advised users to stop using Microsoft Internet Explorer in favor of other browsers after the discovery of a vulnerability that could allow attackers to log users' keystrokes. Malware known as 'Scob' or 'Download.ject' can be uploaded secretly to websites running Microsoft's Internet Information Server 5.0. Internet Explorer users who visit infected websites would be susceptible to having their keystrokes logged through flaws in the "IE domain/zone security model, the DHTML object model, MIME type determination, and ActiveX", according to the US CERT advisory. The flaws only affect Internet Explorer. Microsoft says it has not found widespread consumer impact, and notes that the Russian site that hosted the Scob code has been taken offline.


Best Practices & Risk Management

Title: Human Firewall gets new owner
Source: C-Net News
Date Written: June 25, 2004
Date Collected: June 28, 2004
The Information Systems Security Association (ISSA) has assumed control of the Human Firewall project after two of the project's financial backers reduced their support. The Human Firewall project aims to educate users about the human factors of information security and about secure behaviors. The site will continue to help users check the security of their machines, and will post articles and surveys about security. A CIO study finds that only 23% of employees receive some type of security training. Most users are concerned about security, but do not know what to do to defend their systems, according to Dave Cullinane, ISSA president.



The Institute for Security Technology Studies (ISTS) accepts no responsibility for any error or
omissions in this e-mail. The information presented is a compilation of material from various
sources and has not been verified by staff of the ISTS. Therefore, the ISTS cannot be made
responsible for the factual accuracy of the material presented. The ISTS is not liable for any loss
or damage arising from or in connection with the information contained in this report. It is the
responsibility of the user to evaluate the content and usefulness of this information. References in
this e-mail to any specific commercial products, processes, or services by trade name, trademark,
manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by
the ISTS. ISTS is a research, not operational, organization, and makes its Security in the News
e-mail available as a public service on a best-effort basis. Security in the News will be sent out
on most business days, but not all.

Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: dailyreport@ists.dartmouth.edu

Information is the currency of victory on the battlefield.
GEN Gordon Sullivan, CSA (1993)

INFOCON Mailing List @
IWS - The Information Warfare Site

To subscribe, change your subscription or unsubscribe go to http://www.iwar.org.uk/mailman/listinfo/infocon/

