[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-04-02 19:23:14

Return-Path: <sentto-279987-1088-986264615-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 02 Apr 2001 19:24:08 -0700 (PDT)
Received: (qmail 21857 invoked by uid 510); 3 Apr 2001 02:24:07 -0000
Received: from fk.egroups.com ( by with SMTP; 3 Apr 2001 02:24:07 -0000
X-eGroups-Return: sentto-279987-1088-986264615-fc=all.net@returns.onelist.com
Received: from [] by fk.egroups.com with NNFMP; 03 Apr 2001 02:23:35 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_1); 3 Apr 2001 02:23:34 -0000
Received: (qmail 16764 invoked from network); 3 Apr 2001 02:23:15 -0000
Received: from unknown ( by l7.egroups.com with QMQP; 3 Apr 2001 02:23:15 -0000
Received: from unknown (HELO all.net) ( by mta3 with SMTP; 3 Apr 2001 03:24:19 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id TAA03675 for iwar@onelist.com; Mon, 2 Apr 2001 19:23:14 -0700
Message-Id: <200104030223.TAA03675@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Mon, 2 Apr 2001 19:23:14 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Air incident sparks China chat attack National outrage splashes across
Chinese media China's state media and online chatrooms have launched a
nationalistic attack on the U.S.  over the collision of military
aircraft from both countries.  Most Chinese learned of the drama on
popular websites such as the People's Daily and Sina.com on Monday; some
say they spotted the reports on some English-language sites.  An
Internet manager in Beijing told CNN that her colleagues were "furious"
at the U.S.  for failing to mention a word on the missing Chinese pilot. 
Beijing's top official outlet, the People's Daily, devoted one fifth of
its homepage headlines to issues about the U.S.  military.  A report
demanding U.S.  compensation was headlined "Net friends: Look at
American hegemonism from the incident that U.S.  plane crashed our
military jet". 

[FC - I am thinking seriously about issuing a warning about possible
upcoming information warfare or intentional information attacks from
China against the US.  I believe that the increase in tensions between
the US and China combined with the declared information warfare doctrine
of the Chinese will likely generate some level of serious information
warfare exchanges between the US and China within the next 6 weeks if
the tensions continue to increase in this region.  Since the US has so
much more dependency, it is likely that the US will be more impacted by
any exchange in this arena, But then, what do I know?]

Mass Victimization Net Crime Not Far Off - Gartner

Mass victimization crime, or online theft from thousands of people
simultaneously by one individual, is less than two years away and the
perpetrator will probably get away with it, researchers predict.  Such
global online theft is inevitable via converging technologies and poorly
equipped international law enforcement authorities, according to Gartner
Inc.  "Using mundane, readily available technologies that have already
been deployed by both legitimate and illegitimate businesses,
cybercriminals can now surreptitiously steal millions of dollars, a few
dollars at a time, from millions of individuals simultaneously," Gartner
Research Fellow Richard Hunter said in a news release.  "Moreover, they
are very likely to get away with the crime." The cost of mass
victimization crimes will increase at a staggering rate, Gartner said,
predicting a 1,000 percent to 10,000 percent rise through 2004. 


New cloaked-code threat to security A new technique for disguising
programs aimed at cracking corporate networks could raise the stakes in
the heated battle between hackers and security experts.  During a
seminar last week at the CanSecWest conference in Vancouver, British
Columbia, a hacker named "K2" revealed a program he created that can
camouflage the tiny programs that hackers generally use to crack through
system security.  The cloaking technique is aimed at foiling the
pattern-recognition intelligence used by many intrusion detection
systems, or IDSes, known as the burglar alarms of the Internet.  "Trust
me, this will blow away any pattern matching," said K2, who would not
reveal his real name because he also works as a security consultant. 
When a security hole is found on a corporate network, hackers usually
will find several ways to exploit it.  To manage the onslaught, the
makers of intrusion detection systems continually update their own
software to keep track of new variants of an already familiar theme. 


Defense told to improve computer security coordination The Defense
Department=92s ability to prevent, detect and respond to cyberattacks is
getting better, but military officials still face numerous security
challenges, the General Accounting Office concludes in a new report. 
Defense has set up numerous computer emergency response teams and
communication methods for alerting systems administrators to security
problems and solutions.  Every day, Defense identifies thousands of
intrusions into computer systems and other problems.  In 1999, the Air
Force, Army and Navy reported a total of 600 attacks.  That number grew
to 715 in 2000. 


House Reintroduces Federal Computer Security Measure House lawmakers
have reintroduced legislation that would require the National Institute
of Science and Technology (NIST) to serve as a computer security
consultant for other federal civilian agencies.  Introduced by Rep. 
Connie Morella, R-Md., H.R.  1259 would establish NIST as the lead
agency in computer security matters.  In that role, NIST would advise
agencies on what "off-the-shelf" computer security products met with the
government's approval.  The bill also requires the Under Secretary of
Commerce to establish a database on computer security threats and to
make that list available to the public.  The bill is nearly identical
the Computer Security Enhancement Act, legislation offered by former
House Science Committee Chairman James Sensenbrenner, R-Wis., in
response to growing concerns about hacker attacks on federal agencies. 
While the measure passed the House by a voice vote late last year, it
never got off the ground in the Senate. 


------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Secure your servers with 128-bit SSL encryption!
Grab your copy of VeriSign's FREE Guide,
"Securing Your Web site for Business." Get it now!


Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:06 PDT