[iwar] News
From: Fred Cohen
To: Information Warfare Mailing List
From: fc@all.net
To: iwar@onelist.com
Sat, 17 Mar 2001 19:27:58 -0800 (PST)
fc Sat Mar 17 19:34:33 2001
Return-Path:
Delivered-To: fc@all.net
Received: from 204.181.12.215
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Sat, 17 Mar 2001 19:34:33 -0800 (PST)
Received: (qmail 25942 invoked by uid 510); 18 Mar 2001 03:26:28 -0000
Received: from c9.egroups.com (208.50.99.230)
by 204.181.12.215 with SMTP; 18 Mar 2001 03:26:28 -0000
X-eGroups-Return: sentto-279987-1041-984886079-fc=all.net@returns.onelist.com
Received: from [10.1.4.54] by c9.egroups.com with NNFMP; 18 Mar 2001 03:27:59 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_0_4); 18 Mar 2001 03:27:59 -0000
Received: (qmail 342 invoked from network); 18 Mar 2001 03:27:58 -0000
Received: from unknown (10.1.10.26) by l8.egroups.com with QMQP; 18 Mar 2001 03:27:58 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta1 with SMTP; 18 Mar 2001 03:27:58 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id TAA29986 for iwar@onelist.com; Sat, 17 Mar 2001 19:27:58 -0800
Message-Id: <200103180327.TAA29986@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe:
Date: Sat, 17 Mar 2001 19:27:58 -0800 (PST)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] News
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
[FC - don't believe everything you read in the paper... I am not
authorized to make comments on this particular item, however, as I
understand it, the official line goes something like this:
As a matter of policy, Sandia does not comment on items such as this.
In addition, it should be clearly understood that in most cases
subsequent investigations shows that such claims are not accurate.]
Hackers hit Sandia
The U.S. intelligence community is conducting
a damage assessment of a major hacker incident
involving Sandia National Laboratory in New Mexico.
"It's big," said an official familiar with the
incident. Few details could be learned, however.
According to U.S. intelligence officials, hackers
suspected of having links to a foreign government
successfully broke into Sandia's computer system
and were able to access sensitive classified
information. The incident took place in the past
several weeks. The suspected governments, according
to the officials, include Russia, China, Iraq or
North Korea =97 all nations thought to have well
developed information-warfare capabilities.
http://www.gertzfile.com/InsidetheRing.html
Intrusion Detection Systems: An Opening For Hackers?
System administrators who rely on intrusion detection
systems to snag malicious hacker trying to break into
their system may actually be lulling themselves into
a false sense of security, the government's security
watchdog warned today. The National Infrastructure
Protection Center (NIPC), the FBI's cyber-crime
division, said initial reports indicate that a
software package had been identified that could be
used to disable a computer's intrusion detection
system (IDS) by flooding it with Internet traffic
from a number of Internet addresses simultaneously.
The heavy traffic could cause the IDS to become
inoperative, thus opening the door to malicious
hackers, the NIPC said. The NIPC did not release
any further information about the IDS systems
affected or the source of the tool that could be
used to defeat them, saying only that it was "still
reviewing the information for accuracy and to
determine the level of threat."
http://www.newsbytes.com/news/01/163221.html
No accord reached on e-crime
Law enforcement agencies are accused of fuelling fears
over cybercrime. In a bad week for European/US digital
relations, US regulators look set to reject the European
Cyber-Crime Convention, aimed at harmonising laws on
computer-related offences. A lack of agreement could
add to the complexity of trading across international
borders. US experts said the scheme was unclear and
unworkable, and particularly objected to a clause that
states that employers should be liable for crimes
committed by staff on company networks. Speaking at
the recent Computers, Freedom and Privacy conference
held in Massachusetts, Jim Halpert, partner at a US
law firm and a representative of the Commercial
Internet eXchange and NetCoalition, said that the US
was unlikely to adopt the convention in its current form.
http://www.zdnet.co.uk/news/2001/10/ns-21631.html
U.S. To Make State Department Hacker-Proof
U.S. Secretary of State Colin Powell told the
U.S. Congress on Wednesday that President Bush
plans to ask for US$270 million to upgrade the
State Department's information technology systems.
The money is needed, Powell said in testimony
before the Senate budget committee, to bring
State Department employees in the U.S. and abroad
into the Internet age, and would focus in particular
on the department's classified networks. U.S.
government agencies, including the State Department,
have been under increasing attack by computer hackers,
originating both in the U.S. and overseas. The State
Department was included in a coordinated attack in
January that targeted government and military sites
in the United States, United Kingdom and Australia.
http://www.newsfactor.com/perl/story/8238.html
Experts: Asia Not taking net Security seriously
Asian businesses are not taking Internet security
seriously enough even as hacking into computer
networks becomes easier, security experts said
on Friday. ``Most organizations understand at an
intellectual level that this is an important issue
but perhaps do not necessarily appreciate the
gravity and urgency of the situation until a major
incident occurs,'' said Puni Rajah, vice president
of consulting at research company IDC Asia-Pacific.
Rajah was speaking at a Compaq Global Services
news conference to unveil its alliance with
security solutions provider Internet Security
Systems (ISS).
http://www.siliconvalley.com/docs/news/reuters_wire/970003l.htm
U.S. bailing out of safe harbor deal?
The future of the safe harbor data protection
agreement between the EU and the US looks uncertain,
after US senators complained that implementation
would cost consumers billions of dollars. The
agreement is designed to ensure consumer data
exported to U.S. firms is protected as required
under EU law. If the agreement is abandoned, UK
firms will have to set up contracts with all U.S.
companies to which they send consumer data or
clear it with the individuals concerned, in order
to comply with EU law.
http://www.zdnet.com/zdnn/stories/news/0,4586,2697328,00.html
http://www.zdnet.co.uk/news/2001/10/ns-21626.html
The Internet's Absolute Worst Threat
The fate of the Internet as a global commercial force
may hang less on the rise or fall of any particular
dot-com than it does on the persistent threat that
hackers, crackers, bugs and worms could one day cause
the entire structure to explode like a dying star.
Government agencies, corporate giants and security
wizards are attacking the problem with zeal, but the
consensus is that so far, the advantage lies with the
bad guys. As absurd as it may sound, it remains
child's play for serious cyber-saboteurs to wreak
havoc on corporate and government networks. The best
option yet available seems to be damage control, and
it is crucial to identify the biggest threats to the
Net in order to accomplish it.
http://www.newsfactor.com/perl/story/8222.html
------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Make good on the promise you made at graduation to keep
in touch. Classmates.com has over 14 million registered
high school alumni--chances are you'll find your friends!
http://us.click.yahoo.com/l3joGB/DMUCAA/4ihDAA/kzAVlB/TM
---------------------------------------------------------------------_->
------------------
http://all.net/
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/