[iwar] Historical posting


From: Fred Cohen
From: fc@all.net
To: iwar@onelist.com

Mon, Jan 1, 1999


Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id FAA15269 for iwar@onelist.com; Tue, 18 Apr 2000 05:21:43 -0700
MIME-Version: 1.0
Mailing-List: list iwar@egroups.com; contact iwar-owner@egroups.com
Delivered-To: mailing list iwar@egroups.com
Precedence: bulk
Reply-To: iwar@egroups.com

National Discount Brokerage Faces Hacker Attack
NDB, an online broker, was cut off for more than an hour yesterday because of what it said was an attack by computer vandals that was similar to those against several prominent Web sites earlier this month. In addition, Microsoft said yesterday that it had come under attack this week. Adam Sohn, a spokesman for Microsoft, said the effect of the two-hour assault on Tuesday morning was limited, making the site inaccessible to no more than 10 percent of its potential visitors. Dennis Marino, chairman of NDB, said his company's site was sluggish as soon as the market opened yesterday morning. As with previous attacks against sites like Yahoo, eBay and CNN, he said, NDB's computers were flooded with meaningless data, making it difficult for customers to reach the site. (NY Times article, free registration required) http://www.nytimes.com/library/tech/00/02/biztech/articles/25hack.html

Prestigious Law Firm Traced to Denial of Service Attacks and Hacking
'Malicious' Denial of Service Attacks and Hacking Attempts Waged Against a Web Retailer Have Been Traced to An Employee of a Prestigious Washington D.C. Law Firm. An employee of Steptoe & Johnson LLP, one of the top 100 law firms in the country, repeatedly attacked the computers of Moore Publishing Co. Inc., an online retailer that sells public records and information services, as well as its Internet host CIBIR Corporation. According to legal documents and a recently obtained affidavit, the employee of the law firm used the stolen e-mail identity of a former client to launch and attempt to cloak the origins of a denial of service attack designed to overwhelm the sites and server with bogus requests to prevent access by legitimate consumers and computer users. http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/02-24-2000/0001149228&EDATE=

Reno Rejects Plan to Centralize Cybersecurity
Attorney General Janet Reno today rejected a bipartisan Senate proposal to make a single government agency responsible for securing all federal computer systems from cyberattacks. Reno acknowledged government networks are at risk from cyberattacks, but said there is no simple answer to the problem of security. http://www.apbnews.com/newscenter/internetcrime/2000/02/24/renocyber0224_01.html

Police Agency To Create Anti-Hacker Body in April 2001
Japan's National Police Agency has produced a report on a series of policy initiatives to ensure greater protection against hackers seeking unauthorized access to computer networks to destroy data. The information security policy report outlines two main courses of action. One is the building of an intrusion detection network for quick tracking of hacker attacks and acts of vandalism. The other is the creation of a new cyber force, a specialist unit that will monitor networks and take countermeasures in emergencies caused by hackers. The intrusion detection network is modeled on FIDNet, the Federal Intrusion Detection Network described in the National Plan for Information Systems Protection announced by the U.S. government in January. http://www.nikkeibp.asiabiztech.com/wcs/leaf?CID=onair/asabt/news/95273

U.N. group to combat online child porn
With legislation to protect minors from online sexual predators stalled in the courts, a United Nations-led Internet child protection effort is attracting attention from top U.S. technology companies, law enforcement agencies and educational institutions. Dubbed "Innocence in Danger," the U.N. initiative is focusing on pedophilia and child pornography and will proceed under the auspices of a group called Wired Kids, which also addresses "digital divide" issues of equitable access and education for children. Participants include Microsoft, AT&T, America Online, Lycos, the American Library Association, the National Education Association, the FBI, the Department of Justice, the Federal Trade Commission and the National Center for Missing and Exploited Children. The activity springs from a conference called in Paris in September 1998 following a massive European sting against alleged traffickers in online child pornography. Innocence in Danger falls under the domain of the United Nations Education, Scientific and Cultural Organization (UNESCO). http://news.cnet.com/news/0-1005-200-1557782.html

Schools easy pickings for cyber vandals
Universities are proving to be a juicy target for hackers trolling for dupes. Computer technicians at James Madison University have discovered that 16 student-owned Windows 98-based PCs were infected with a possible variant of the hacker tools used in recent highly publicized distributed denial-of-service (DDoS) attacks. Gary Flynn, a security engineer at James Madison, in Harrisonburg, Va., said that during the week of Feb. 13 he noticed an unusual slowdown in the university's student residence network. The problem: 16 student owned PCs had been infected with the "zombie code" that allows a hacker to secretly take over a computer and launch a DDoS attack against another site. The software appears to be a variant of the Trin00 hacking tool, one of three that can be used to launch the sort of attacks that brought down sites like Yahoo! and eBay two weeks ago. http://www.zdnet.com/zdnn/stories/news/0,4586,2447608,00.html

Prepare for electronic attacks, expert warns
COMPANIES must prepare risk management strategies to avoid or minimise the harm of electronic attack, according to an electronic security expert. Tim Phillipps, forensic group partner with Deloitte Touche Tohmatsu, said the growing incidence of attacks on listed business' IT systems by disgruntled employees, customers or even competitors left them in danger of losing money, corporate data or their public reputation. Phillipps said companies had to be prepared to correct quickly misinformation sent by ill-doers either to their client list, competitors, or posted on sharemarket chat groups in order to boost or decrease the company's stock price before selling or buying stock holdings. "Public companies are very ... liable to this problem because they have a share price to attack and have to be mindful of continuous disclosure rules, and distributing false or misleading information fairly widely can cause all sorts of problems," he said. http://www.it.fairfax.com.au/breaking/20000225/A39059-2000Feb25.html

Surveillance 2: The hunter and the hunted
Isn't technology wonderful? Join ZDNet UK on a stake-out to scrutinise the world of high-tech surveillance. ZDNet is keeping a close eye on the state-of-the-art curtain twitchers that are busy dreaming up new ways to know you inside out. Just because you're not paranoid, doesn't mean they're not out to get you. It takes much more than a condom to protect yourself these days! http://www.zdnet.co.uk/news/2000/7/ns-13608.html

Eyes in the back of your head
To mail or not to mail. If you're an employer, there are several things you should do. First, develop a formal, acceptable usage policy and make sure every employee knows about it. Tell them that their computer use may be monitored at any time, and provide clear guidelines for what constitutes acceptable use of company email servers and the Web. Use monitoring software as an early warning system to identify potential problems. Scan management reports regularly, and if you see wide-scale problems, restate the company policy immediately. Provide at least one warning to employees who misuse resources, and give them a chance to correct their behaviour. You should also install blocking software to prevent employees from accessing sites you consider inappropriate -- a £1,000 software package can easily prevent a £1m sexual harassment lawsuit. http://www.zdnet.co.uk/news/2000/7/ns-13626.html

Sen. Schumer Intros His Net Security Bill - Update
Sen. Charles Schumer, D-N.Y., Thursday formally introduced a measure that would increase the fines and penalties for computer crimes. Schumer introduced the bill, S. 2092, along with Republican backing from Sen. Jon Kyl, R-Ariz., a legislator whose most focused attention on Internet legislation was a bill that would outlaw most forms of online gambling. Schumer and Kyl join a growing cadre of lawmakers who are proposing legislative solutions to this month's spate of denial of service attacks on several major e-commerce Web sites. "We have a two-part problem. The systems themselves are vulnerable, and law enforcement is shackled with rules designed to deal with 20th century criminals in a 21st century world," Schumer said. "We have to update the rules to fit the crimes." http://www.newsbytes.com/pubNews/00/144507.html