Reply-To: iwar@egroups.com
Subject: [iwar] Historical posting
[FC - Man - it's getting weird out there! In today's news, we find IW in the form of Clinton using the same initials as the Network Information Center for a new cyber defense center, a Presidential endorsement for @stake, $1M reward for the DCA attackers of last week, Chinese IW against Japan and the US, vote fraud - which I decide to call IW in the form of political takeovers, banks warned of the DCA attacks ahead of time, an OnLine Presidential impersonator, the NSAs secret cyberway, perception management related to the FBI, and a L0pht slam. All in one day! Can you imagine what it would be like if there were a real cyber war?]
Clinton to propose Net security center
As the investigation of last week's Internet attacks continues, the White House is expected to propose a new Internet-security center following a meeting Tuesday between President Clinton and high-tech executives. The Cyber-National Information Center, to be known as Cyber-NIC, will be a place where companies "can work together to address cyber security problems and crises," according to a planning document. In addition, the White House is asking its science adviser, Neal Lane, to take the lead in establishing a think tank supported by both the public and private sectors to consider cyber security issues. http://www.zdnet.com/zdnn/stories/news/0%2C4586%2C2437745%2C00.html http://www.newsbytes.com/pubNews/00/143914.html http://www.fcw.com/fcw/articles/2000/0214/web-dosmeeting-02-15-00.asp
Clinton fights hackers, with a hacker
Searching for ways to improve security on the Internet, President Bill Clinton convened a meeting at the White House on Tuesday with technology experts that included a hacker named Mudge. Saying security on the Internet should be improved without jeopardizing the entrepreneurial potential of e-commerce, the president endorsed a $9 million proposal to create a high-tech security institute. "We know we have to keep cyberspace open and free," Clinton said. "At the same time, computer networks (must be) more secure and resilient and we have to do more to protect privacy and civil liberties." http://www.cnn.com/2000/TECH/computing/02/15/hacker.security/
FBI Seeks Hackers in Web Attacks
The FBI sought to question several hackers Tuesday in its investigation into last week's attacks against major Web sites, looking for people known by their Internet screen names ``coolio,'' ``mafiaboy'' and ``nachoman.'' http://www.mercurycenter.com/svtech/news/breaking/ap/docs/214233l.htm http://cnn.com/2000/TECH/computing/02/15/hacking.investigation.02/index.html http://washingtonpost.com/wp-srv/WPlate/2000-02/15/041l-021500-idx.html http://www.wired.com/news/politics/0,1283,34354,00.html http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2000/02/15/BU31981.DTL
Hacker discloses new Internet attack software
A programmer familiar with attack software has disclosed three new attack programs of the type believed to have taken down major Internet sites last week, complicating the jobs of security experts trying to fight the malicious programs. Three new versions, called Fapi, Shaft and Trank, are disclosed in a paper published today by the programmer known as "Mixter" at Packet Storm, a site that publishes malicious software so security professionals can scrutinize it. Mixter is the purported author of a similar attack tool, Tribe Flood Network, and its sequel, TFN2K. http://news.cnet.com/news/0-1003-200-1549869.html
$1 Million Offered to Nab Web Attacker
A Web site has offered a $1 million reward for information leading to the arrest and conviction of whoever is responsible for the massive denial-of-service attacks on Yahoo, eBay, Amazon.com and other popular sites. But some experts believe the offer is a hoax or publicity stunt perpetrated by a businessman who advertises invisible underwear on another Web site. http://www.apbnews.com/newscenter/internetcrime/2000/02/14/reward0214_01.html
Banks Warned of Hacker Attacks
At least eight times, starting days before unusually forceful attacks against major commercial Web sites, computer experts at some of the nation's largest financial institutions received detailed warnings of impending threats. Banking officials never passed their detailed warnings to the FBI or other law enforcement agencies, even as alerts escalated last week from the first assault against the Yahoo! Web site on to eBay, Amazon, Buy.Com, CNN and others. The urgent alerts, by e-mail and pager, began fully four days before Yahoo! fell under electronic assault Feb. 8. They cautioned that dangerous attack software had been discovered implanted on powerful computers nationwide. The messages ultimately identified specific Internet addresses of attacking machines. http://www.washingtonpost.com/wp-srv/aponline/20000214/aponline221350_000.htm
Italian Cyber Criminals Apprehended
Seven Italian cyber criminals were caught by the Italian Financial Police last Friday. They have been accused of breaking into Swiss Banks, the Universita di Catania, Toronto University and others. They have also been accused of somehow siphoning money from inter bank electronic transfers. The detectives in the case also suspect that the group may have broken into web sites for money. They have been charged with spying and theft of industrial secrets. Officials are still investigating. (This information is from a bad translation and may not be 100% accurate.) http://www.ilmessaggero.it/hermes/20000212/01_NAZIONALE/INTERNI/Dab.htm
Peru election body hackers raise vote fraud alarm
Three teen-age Brazilian hackers have forced Peru to temporarily close down the Web site where results of April's presidential vote are to be published, an election spokesman said on Tuesday. Striking amid growing international fears over Internet security, the hackers repeatedly penetrated and defaced the state election body's public homepage (http://www.onpe.gob.pe) on Sunday, the spokesman said. Election observers said the breach showed the Andean nation's vote-counting system could be vulnerable to manipulation. http://www.mercurycenter.com/svtech/news/breaking/internet/docs/214584l.htm
China says no way to indentify anti-Japan hackers
China said on Tuesday there was no way to substantiate reports that nationalist Chinese hackers raided Japanese government Web sites last month and posted derogatory messages. `There is no way to confirm such reports,'' Foreign Ministry spokesman Zhu Bangzao told reporters. http://www.mercurycenter.com/svtech/news/breaking/merc/docs/013967.htm
China condemns hackers, vows tough penalties for web criminals China said Tuesday it had taken tough measures to combat computer hackers and that it did not approve of Chinese cyber terroristswho plastered anti-Japanese graffiti on the Internet. Foreignministry spokesman Zhu Bangzao said reports Chinese hackers were responsible for attacking Japanese government and commercial websites had not been confirmed. But he added: "We do not encourage such acts ... any indecent behavior is not welcomed." http://sg.dailynews.yahoo.com/headlines/technology/afp/article.html?s=singap ore/headlines/000215/technology/afp/China_condemns_hackers__vows_tough_penal ties_for_web_criminals.html
Florida girl uses ex's name to make bomb threat
A 14-year-old Florida girl used her ex-boyfriend's name to sign onto the Internet and send a message threatening to blow up her school, police said on Tuesday. The girl was arrested on Tuesday and charged with threatening to use a destructive device, a second-degree felony punishable by up to 15 years in prison. An employee of an educational Internet site in Virginia intercepted the threat on Feb. 8 and traced it to a computer in the library of Nova Middle School in Davie, Florida, a town near Fort Lauderdale. The employee alerted Davie police and faxed them a copy of the message, which said, ``I'm going to blow the school up on February 23rd if not then sooner or when you least expect -- see ya later at your graveyard this school's going down with everyone in it.'' The message also threatened to blow up the home of a school administrator, police said. http://www.mercurycenter.com/svtech/news/breaking/internet/docs/214137l.htm
Online Clinton impersonator says it was easy
A prankster who usurped President Clinton's name to urge more Internet pornography in an online presidential interview said Tuesday it was an easy trick that highlighted flaws in new media journalism. ``It was completely unplanned. I was just on there monitoring the chat just like everyone else...It asked me for a nickname,'' said Christopher Petro, a computer security consultant and chief technology officer for Internet communications company Lorcom Technology, of New York. The incident took place on Monday during an interview of Clinton by CNN, which the network billed as the first live online news interview with a sitting president. Users who had logged into CNN's chat room carrying the event saw what appeared to be the president declaring, ``Personally, I would like to see more porn on the Internet.'' http://www.mercurycenter.com/svtech/news/breaking/merc/docs/035898.htm
John Podesta on Cyber Crime
The White House Chief of Staff says the government can't fight it alone and speed is critical As the White House prepared for its Feb. 15 summit with industry officials to discuss protecting e-commerce from disruption, White House Chief of Staff John Podesta took time out to talk about the Administration's e-agenda with Stan Crock, Business Week's national security correspondent. Here are edited excerpts from their conversation: http://www.businessweek.com/bwdaily/dnflash/feb2000/nf00215h.htm
Inside the Secret Cyberwar
Facing unseen enemies, the Feds try to stay a step ahead A little after 7 p.m. Eastern standard time on Jan. 24, nearly half the computing power in the world went dead. The top secret National Security Agency's massive array of supercomputers which crunch information from America's spy satellites and global eavesdropping network mysteriously shut down for three days. Panicked, NSA brass at first feared the shutdown might have been caused by hackers. For a year the agency had been engaged in a cat-and-mouse war with a persistent group of cyberwarriors attempting to gain access to the computer network. NSA analysts had traced their footprints back to the University of California, Berkeley, but hadn't caught them and still haven't. http://newsweek.com/nw-srv/printed/us/st/a16330-2000feb13.htm
If you can't trust FBI-issue software ...
Would you like Uncle Sam inside your PC? Last December, the National Infrastructure Protection Center -- a joint effort between the FBI and the U.S. Department of Justice -- released a utility for Solaris and Linux computers that it claims will detect and eliminate the software agents which distributed-denial-of-service attack software uses to bombard other computers with a flood of data. Now, in the aftermath of this week's spate of denial-of-service attacks, that software has drawn renewed attention. And, not surprisingly, some security specialists are not quite convinced that Uncle Sam software is a good thing. http://www.zdnet.com/zdnn/stories/news/0,4586,2437096,00.html
The Hackers' Lessons
To whoever it was out there in cyberspace who launched last week's "smurf" attacks that temporarily crippled Yahoo, Amazon.com, E-Trade, eBay and CNN.com by overloading their web servers with fake requests for data, let me just say on behalf of all of us: Thank you. Yes, thank you for doing us all a favor, which is highlighting the vulnerabilities of an increasingly wired world, but doing it in a calibrated fashion -- not so powerful that you did any lasting damage, but powerful and brazen enough to get everyone galvanized to address the threat.You, dear cybervandals, have imparted three critically important lessons to the American public that no presidential speechifying could match. (NY Times article, free registration required) http://www.nytimes.com/library/opinion/friedman/021500frie.html
L0pht's goals are noble, but they're still dead wrong Perhaps I was wrong in my Jan. 17 column about L0pht Heavy Industries, the group of hackers who set out to do good and ended up doing well, especially in light of the group's merger with the @Stake security company. L0pht obviously has a noble cause. The group is out to patch security holes in the industry. Its goal is to coerce vendors to fix inherent security problems with their products and to force the vendors to patch holes more quickly. http://www.zdnet.com/zdnn/stories/comment/0,5859,2434609,00.html