Return-Path: <sentto-279987-1297-991802118-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 05 Jun 2001 21:36:07 -0700 (PDT) Received: (qmail 3460 invoked by uid 510); 6 Jun 2001 03:36:29 -0000 Received: from hl.egroups.com (208.50.99.197) by 204.181.12.215 with SMTP; 6 Jun 2001 03:36:29 -0000 X-eGroups-Return: sentto-279987-1297-991802118-fc=all.net@returns.onelist.com Received: from [10.1.4.52] by hl.egroups.com with NNFMP; 06 Jun 2001 04:35:19 -0000 X-Sender: fc@all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_1_3); 6 Jun 2001 04:35:18 -0000 Received: (qmail 26849 invoked from network); 6 Jun 2001 04:35:17 -0000 Received: from unknown (10.1.10.26) by m8.onelist.org with QMQP; 6 Jun 2001 04:35:17 -0000 Received: from unknown (HELO all.net) (65.0.156.78) by mta1 with SMTP; 6 Jun 2001 04:35:17 -0000 Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id VAA27149 for iwar@onelist.com; Tue, 5 Jun 2001 21:35:17 -0700 Message-Id: <200106060435.VAA27149@all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 5 Jun 2001 21:35:16 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] news Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Defense anti-hacking office goes on the offensive Three years ago, a series of coordinated attacks on Defense Department computer networks set off a search for security vulnerabilities in the Pentagon's information systems. The attacks, called "Moonlight Maze," mystified investigators, who feared they might be linked to the theft of sensitive Defense data. Such attacks keep the members of Defense's Joint Task Force-Computer Network Operations (JTF-CNO) up at night. In fact, task force investigators still haven't solved the Moonlight Maze puzzle. Analysts think the attacks originated in Russia--but aren=92t certain. =93The truth is we don=92t know who is behind Moonlight Maze,=94 said Navy Capt. Robert West, special assistant to the commander of JTF-CNO. The task force is dedicated to both protecting Defense's computer networks and developing attack strategies to conduct information warfare against U.S. adversaries. http://www.govexec.com/dailyfed/0601/060501j1.htm UAE 'needs task force to fight cyber crime' The UAE needs a task force to deal with emergencies caused by Internet hackers as more organisations enter cyberspace, thus facing intense security threats, a senior official of the General Information Authority (GIA) said. The rapid action task force, comprising IT specialists, could help prevent a cyber disaster, said Abd El Wahab Mostafa, IT consultant to the GIA. "The UAE has not yet faced a major problem, but preventive security measures are a must since Internet hacking is on the rise and countries still lack sufficient laws to cope with cyber crime," he added. http://www.gulf-news.com/Articles/news.asp?ArticleID=3D18865 Cyberspies protect the virtual business world Many who have done business in developing countries where wealth is disproportionate, hostage-taking is common and Americans are always a target, know the value of a couple of bodyguards and an armored escort when driving, no matter how much the service costs. The main reason why companies budget for physical protection in some locales is a certainty on their part that if they don't defend themselves, the local law won't defend them either. The same is true on the Internet, where business conditions are probably comparable to working conditions in Uzbekistan or North Korea - the 149th and 155th least-free economies on the planet, according to the 2000 Index of Economic Freedom. But in the last year, a handful of private companies have started to take enforcement into their own hands, quietly developing security units to protect their clients' assets in cyberspace. Web hosters such as Exodus Communications, Metromedia Fiber Network and ServerVault have been hiring retired agents from the Federal Bureau of Investigation, National Security Agency, Secret Service, Royal Canadian Mounted Police, Scotland Yard, U.S. Army and U.S. Navy, and whisking others away from their government salaries and security clearances to build private cybersecurity divisions. http://www.zdnet.com/zdnn/stories/news/0,4586,2767657,00.html Defense Web sites track visitors, audit finds One in four Web sites run by the Defense Department have no privacy statement posted, according to an oversight report released Tuesday. An even larger number collect information about the public despite a White House directive barring the practice. The audit found it possible that commercial companies might secretly have collected and sold personal information about visitors to Defense Web sites. Many employees responsible for the Web sites said they didn't know about the government's policies on tracking technology or that privacy policy statements are required, even though Deputy Defense Secretary Paul Wolfowitz updated and reiterated the rules two months ago. http://www.siliconvalley.com/docs/news/svfront/081683.htm http://news.cnet.com/news/0-1005-200-6198295.html http://www.newsbytes.com/news/01/166488.html Texas setting up security office Texas is poised to become the first state government to establish an information technology security office to apply policies and monitor the Internet architecture. The move is designed to bolster cybersecurity among the state=92s 200 or so agencies and build public trust as more government services move online. The state legislature approved $600,000 in its general appropriations bill to fund the office for the next two years. It is likely to be approved by Gov. Rick Perry, who has until June 17 to sign it into law, said Mel Mireles, statewide IT planning manager in the Department of Information Resources {http://www.dir.state.tx.us}. Mireles would head the new office. http://www.civic.com/civic/articles/2001/0604/web-texas-06-05-01.asp The Social Engineer Ira Winkler lies, steals, and reads other people's mail. Corporate security agents don't usually have a lot to say about their work. It's a field that tends to attract the softspoken and the circumspect-men and women without much taste for fame, glory, or even the passing satisfaction of regaling friends with tales of office triumphs and disasters. And then there's Ira Winkler. As the founder and president of the Maryland-based Internet Security Advisors Group, the 38-year-old Winkler has an impressive client list, and the ethics of his profession won't let him say exactly what he may have done for General Electric, Hewlett-Packard, or any company in particular. Without mentioning names, however, he is more than willing to discuss the time, for example, he walked up to the security desk of a large financial-services company and, merely by claiming to be a new employee, obtained a photo ID and magnetic-access key card. http://www.business2.com/magazine/2001/06/social_engineer.htm ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:15 PDT