[iwar] news 3

From: Fred Cohen (fc@all.net)
Date: 2001-05-12 20:07:24

Return-Path: <sentto-279987-1234-989723246-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Sat, 12 May 2001 20:08:07 -0700 (PDT)
Received: (qmail 25146 invoked by uid 510); 13 May 2001 02:09:16 -0000
Received: from ch.egroups.com ( by with SMTP; 13 May 2001 02:09:16 -0000
X-eGroups-Return: sentto-279987-1234-989723246-fc=all.net@returns.onelist.com
Received: from [] by ch.egroups.com with NNFMP; 13 May 2001 03:07:26 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_3); 13 May 2001 03:07:26 -0000
Received: (qmail 80768 invoked from network); 13 May 2001 03:07:25 -0000
Received: from unknown ( by l10.egroups.com with QMQP; 13 May 2001 03:07:25 -0000
Received: from unknown (HELO all.net) ( by mta1 with SMTP; 13 May 2001 03:07:25 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id UAA05192 for iwar@onelist.com; Sat, 12 May 2001 20:07:24 -0700
Message-Id: <200105130307.UAA05192@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Sat, 12 May 2001 20:07:24 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news 3
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

May 11, 2001

Senate Leader On Cyber-Security Struck By Homepage Worm Sen.  Robert
Bennett, R-Utah, a congressional leader on issues relating to electronic
security, fell victim to the prolific "Homepage" e-mail worm Thursday
after a staffer inadvertently opened an infected attachment.  Like other
viruses of its ilk, the Homepage worm invades the e-mail address books
of its victims, replicating itself and sending the copies to all of the
addresses in the victim's files.  Bennett spokesperson Mary Jane
Collipriest said that Bennett's e-mail system sent the worm to about 200
people on the Senator's e-mail list.  Recipients of the infected file
included journalists, Utah constituents, business contacts and other
lawmakers, Collipriest said. 

Homepage worm hits 14,000 worldwide The fast spreading Homepage worm has
hit around 14,000 computers on its round the world trip.  Antivirus
experts warn that although the pornography virus has been contained,
there is still the danger of re-infection.  The self-spreading program
began its course in Australia yesterday morning, infecting 50
corporations and 1000 computers, according to antivirus company, Trend
Micro.  It also hit approximately 1300 workstations in Hong Kong.  "It's
not as big as the Love bug, but the speed is very frightening.  It all
happened in a matter of three to four hours, " Trend Micro's Andy Liou
told ZDNet.  "It has been contained, in that it's not spreading from
company to company," however, he says from past experience, corporations
have been re-infected by a virus because they have not removed every
last trace of it. 

Attack On US State Dept.  Shuts Down Internal Servers Cyber-vandals
broke into and compromised a handful of internal Internet servers
belonging to the State Department's Office of International Information
Programs (IIP) earlier this week, a State Department spokesperson said
today.  The attack, which began Tuesday, did not affect the State
Department's main Web site and struck only unclassified file servers
within IIP, State Department spokesperson Victoria Delong said today. 
The affected IIP equipment - which includes some internal e-mail servers
- will be offline for at least a week, according to the State
Department.  http://www.newsbytes.com/news/01/165605.html

CSIR institute's website hacked The National Institute of Science,
Technology and Development Studies, a CSIR institute for science policy
today said that its website had been hacked.  Netizens logging on to the
NISTADS website had found that the site has been hacked and instead of
the calendar of events and such like information, the viewers came face
to face with a black screen on which was written in red letters the
message: f*** USA government; f*** PoizonBOx, NISTADS release today
said.  It said even a contact address has been given:
sysadmcn@yahoo.com.cn.(Intriguingly, the addressee is based in China). 
PoizonBOx is a hacker group, which specializes in targeting government
websites and has been in cyber crime news recently as it claimed to have
vandalized a number of government sites in the UK. 

Bush eyes cybersecurity overlap The White House announced Wednesday that
President Bush will soon receive recommendations on how to coordinate
the multiple federal entities involved in the cybersecurity arena. 
Shortly after assuming office in January, Bush stated his intention to
continue the efforts started in May 1998 by Presidential Decision
Directive 63, which requires agencies to secure the systems that support
the nation's critical infrastructure, including telecommunications and
power.  Many officials inside and outside government including in the
General Accounting Office have criticized the large number of
overlapping agencies involved in critical infrastructure protection. 
The list currently includes the National Security Council, the Critical
Infrastructure Assurance Office, the National Infrastructure Protection
Center and the Federal Computer Incident Response Center. 

Echelon fact-finders snubbed European Parliament delegation
investigating unacknowledged U.S.  satellite surveillance system.  A
delegation from the European Parliament investigating the existence and
impact of a global satellite surveillance system operated by the United
States and other English-speaking allies abruptly ended a fact-finding
visit to Washington, D.C., Thursday, after some Bush administration
officials refused to meet with the group. 

Want to know how to crash the Internet? Cisco has issued an alert
warning that a vulnerability in a commonly used routing protocol can be
used to bring down service provider's core Internet infrastructure.  The
vulnerability concerns BGP (Border Gateway Protocol), which is used for
exchanging routing information between gateway host on the Internet, and
can be exploited to create network outages.  Cisco said the issue came
to light because of a malfunction in the BGP implementation of another
(unnamed) vendor, which caused a series of crashes but it admits the
problem might also affect its own kit. 

Did Hackers Seed the Net With Worms? Quiet Chinese-U.S.  cyberwar has
stilled, but security gurus expect more trouble.  What if they gave a
cyberwar and nobody came? That seems to be the case days after what some
called a "cyberwar" by Chinese hackers against the United States,
retaliating for the death of Chinese pilot Wang Wei in early April.  But
some security experts wonder whether this skirmish was the real threat. 
A Chinese hacker group, the Honker Union of China, has issued a
statement to the Chinese portal Chinabytes declaring a truce.  They
claim to have reached their goal of hacking 1000 U.S.  sites, according
to published reports. 


Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:13 PDT