[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-06-05 21:35:16


Return-Path: <sentto-279987-1297-991802118-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 05 Jun 2001 21:36:07 -0700 (PDT)
Received: (qmail 3460 invoked by uid 510); 6 Jun 2001 03:36:29 -0000
Received: from hl.egroups.com (208.50.99.197) by 204.181.12.215 with SMTP; 6 Jun 2001 03:36:29 -0000
X-eGroups-Return: sentto-279987-1297-991802118-fc=all.net@returns.onelist.com
Received: from [10.1.4.52] by hl.egroups.com with NNFMP; 06 Jun 2001 04:35:19 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_3); 6 Jun 2001 04:35:18 -0000
Received: (qmail 26849 invoked from network); 6 Jun 2001 04:35:17 -0000
Received: from unknown (10.1.10.26) by m8.onelist.org with QMQP; 6 Jun 2001 04:35:17 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta1 with SMTP; 6 Jun 2001 04:35:17 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id VAA27149 for iwar@onelist.com; Tue, 5 Jun 2001 21:35:17 -0700
Message-Id: <200106060435.VAA27149@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 5 Jun 2001 21:35:16 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Defense anti-hacking office goes on the offensive Three years ago, a
series of coordinated attacks on Defense Department computer networks
set off a search for security vulnerabilities in the Pentagon's
information systems.  The attacks, called "Moonlight Maze," mystified
investigators, who feared they might be linked to the theft of sensitive
Defense data.  Such attacks keep the members of Defense's Joint Task
Force-Computer Network Operations (JTF-CNO) up at night.  In fact, task
force investigators still haven't solved the Moonlight Maze puzzle. 
Analysts think the attacks originated in Russia--but aren=92t certain. 
=93The truth is we don=92t know who is behind Moonlight Maze,=94 said
Navy Capt.  Robert West, special assistant to the commander of JTF-CNO. 
The task force is dedicated to both protecting Defense's computer
networks and developing attack strategies to conduct information warfare
against U.S.  adversaries. 
http://www.govexec.com/dailyfed/0601/060501j1.htm

UAE 'needs task force to fight cyber crime' The UAE needs a task force
to deal with emergencies caused by Internet hackers as more
organisations enter cyberspace, thus facing intense security threats, a
senior official of the General Information Authority (GIA) said.  The
rapid action task force, comprising IT specialists, could help prevent a
cyber disaster, said Abd El Wahab Mostafa, IT consultant to the GIA. 
"The UAE has not yet faced a major problem, but preventive security
measures are a must since Internet hacking is on the rise and countries
still lack sufficient laws to cope with cyber crime," he added. 
http://www.gulf-news.com/Articles/news.asp?ArticleID=3D18865

Cyberspies protect the virtual business world Many who have done
business in developing countries where wealth is disproportionate,
hostage-taking is common and Americans are always a target, know the
value of a couple of bodyguards and an armored escort when driving, no
matter how much the service costs.  The main reason why companies budget
for physical protection in some locales is a certainty on their part
that if they don't defend themselves, the local law won't defend them
either.  The same is true on the Internet, where business conditions are
probably comparable to working conditions in Uzbekistan or North Korea -
the 149th and 155th least-free economies on the planet, according to the
2000 Index of Economic Freedom.  But in the last year, a handful of
private companies have started to take enforcement into their own hands,
quietly developing security units to protect their clients' assets in
cyberspace.  Web hosters such as Exodus Communications, Metromedia Fiber
Network and ServerVault have been hiring retired agents from the Federal
Bureau of Investigation, National Security Agency, Secret Service, Royal
Canadian Mounted Police, Scotland Yard, U.S.  Army and U.S.  Navy, and
whisking others away from their government salaries and security
clearances to build private cybersecurity divisions. 
http://www.zdnet.com/zdnn/stories/news/0,4586,2767657,00.html

Defense Web sites track visitors, audit finds One in four Web sites run
by the Defense Department have no privacy statement posted, according to
an oversight report released Tuesday.  An even larger number collect
information about the public despite a White House directive barring the
practice.  The audit found it possible that commercial companies might
secretly have collected and sold personal information about visitors to
Defense Web sites.  Many employees responsible for the Web sites said
they didn't know about the government's policies on tracking technology
or that privacy policy statements are required, even though Deputy
Defense Secretary Paul Wolfowitz updated and reiterated the rules two
months ago.
http://www.siliconvalley.com/docs/news/svfront/081683.htm
http://news.cnet.com/news/0-1005-200-6198295.html
http://www.newsbytes.com/news/01/166488.html

Texas setting up security office Texas is poised to become the first
state government to establish an information technology security office
to apply policies and monitor the Internet architecture.  The move is
designed to bolster cybersecurity among the state=92s 200 or so agencies
and build public trust as more government services move online.  The
state legislature approved $600,000 in its general appropriations bill
to fund the office for the next two years.  It is likely to be approved
by Gov.  Rick Perry, who has until June 17 to sign it into law, said Mel
Mireles, statewide IT planning manager in the Department of Information
Resources {http://www.dir.state.tx.us}.  Mireles would head the new
office. 
http://www.civic.com/civic/articles/2001/0604/web-texas-06-05-01.asp

The Social Engineer Ira Winkler lies, steals, and reads other people's
mail.  Corporate security agents don't usually have a lot to say about
their work.  It's a field that tends to attract the softspoken and the
circumspect-men and women without much taste for fame, glory, or even
the passing satisfaction of regaling friends with tales of office
triumphs and disasters.  And then there's Ira Winkler.  As the founder
and president of the Maryland-based Internet Security Advisors Group,
the 38-year-old Winkler has an impressive client list, and the ethics of
his profession won't let him say exactly what he may have done for
General Electric, Hewlett-Packard, or any company in particular. 
Without mentioning names, however, he is more than willing to discuss
the time, for example, he walked up to the security desk of a large
financial-services company and, merely by claiming to be a new employee,
obtained a photo ID and magnetic-access key card. 
http://www.business2.com/magazine/2001/06/social_engineer.htm

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 



This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:15 PDT