[iwar] news

From: Fred Cohen (fc@all.net)
Date: 2001-06-12 01:39:13

Return-Path: <sentto-279987-1348-992335155-fc=all.net@returns.onelist.com>
Delivered-To: fc@all.net
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 12 Jun 2001 01:40:07 -0700 (PDT)
Received: (qmail 4261 invoked by uid 510); 12 Jun 2001 07:40:15 -0000
Received: from n2.groups.yahoo.com (HELO hi.egroups.com) ( by with SMTP; 12 Jun 2001 07:40:15 -0000
X-eGroups-Return: sentto-279987-1348-992335155-fc=all.net@returns.onelist.com
Received: from [] by hi.egroups.com with NNFMP; 12 Jun 2001 08:39:15 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_1_3); 12 Jun 2001 08:39:14 -0000
Received: (qmail 54495 invoked from network); 12 Jun 2001 08:39:13 -0000
Received: from unknown ( by l10.egroups.com with QMQP; 12 Jun 2001 08:39:13 -0000
Received: from unknown (HELO all.net) ( by mta3 with SMTP; 12 Jun 2001 08:39:13 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id BAA04627 for iwar@onelist.com; Tue, 12 Jun 2001 01:39:13 -0700
Message-Id: <200106120839.BAA04627@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com>
Date: Tue, 12 Jun 2001 01:39:13 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Russian Government Approves Agreement on CIS Cooperation Against
Computer=20 Crime The Russian Federation government has approved the
draft agreement on cooperation among the CIS states in the fight against
crime in the sphere of computer information, the government information
department announced yesterday.  Therefor Russian Federation government
Chairman Mikhail Kasyanov has signed a decree "On submitting a proposal
to the Russian Federation president on signing the agreement on
cooperation among the CIS states in the fight against crime in the
sphere of computer information."

Philippines reopens Love Bug virus case The case against Onel de Guzman,
alleged author of the "I Love You" virus has been reopened after the
Philippine National Bureau of Investigation (NBI) filed a motion for
reconsideration at the Prosecutor's Office of the Department of Justice
(DOJ), according to attorney Elfren Meneses, chief of the Anti-Fraud and
Computer Crimes Division at NBI.  Meneses said prosecutor Archimedes
Manabat have set aside the dismissal order initially issued by DOJ,
opening up the case for preliminary investigation.  The case was
initially dismissed in August last year, after the Prosecutor's Office
ruled that de Guzman cannot be charged with violating the Access Device
Regulation Act or RA 8484.  Nor, however, can De Guzman be charged under
the E-Commerce Act, which was not yet a law when the "I Love You" virus
was released.  It wreaked havoc on computer systems worldwide after it
was released last April. 

European 'safer Internet' site hit by hackers Hackers embarrassed the
European Commission this week by identifying and exploiting two security
holes on a new commission-sponsored Web site that promotes safer use of
the Internet.  One of the holes allowed the hackers to get administrator
privileges on the server that powers the Safer Internet Exchange site,
according to a security analyst who asked not to be identified.  The
other flaw involved an e-mail distribution list that was left unsecured,
allowing intruders to retrieve the names and e-mail addresses of the
people on the list.  Tara Morris, project manager for the Web site and a
consultant at Birmingham, England-based Ecotec Research and Consulting
Ltd., said the two holes were both plugged yesterday morning.  The
incident is still being investigated, he added, while declining to
detail how deeply the hackers were able to penetrate the affected

Net blackout marks Web's Achilles heel For much of the past week, two
large stretches of the Internet turned invisible to each other.  Unlike
the electrical outages plaguing California, which no one wants, this
intentional blackout suited the purposes of one side in the collapse of
talks between two major Internet service providers, Cable & Wireless and
the financially strapped PSINet.  A critical link between the two
networks was cut, blocking some companies from seeing their own Web
sites, and stalling e-mail between thousands of sources.  Although a
connection between Cable & Wireless and PSINet was re-established
Tuesday night, the squabble illustrates just how fragile the Internet's
series of connected, largely unregulated private networks can be.  The
Net has built its strength in part on this decentralized, unregulated
environment, but the ISPs' fight underscores that very little can
prevent future blackouts like this from happening. 

California's Power Grid Allegedly Hacked The attack exposed security
lapses in the system that Cal-ISO uses to oversee most of the state's
massive electricity transmission grid.  A computer system that controls
much of the flow of electricity across California was under siege from
alleged hackers for at least 17 days during the height of the state's
ongoing power crisis, the Los Angeles Times reported on Saturday.  The
cyberattack, while apparently limited, exposed security lapses in the
system that the California Independent Systems Operator (Cal-ISO) uses
to oversee most of the state's massive electricity transmission grid and
connect to the grid for the western United States.  While some familiar
with the breach said supposed hackers came close to gaining access to
key parts of the system and could have interrupted the movement of
electricity around the power-hungry state, officials at Cal-ISO said the
grid was not threatened and that they had remedied the situation. 

Security spending to jump tenfold by 2011 Companies will spend 10 times
more a decade from now on to secure their information against Internet
attacks, according to a study released Monday.  Published by market
researcher Gartner, the study predicts companies will spend 4 percent of
their revenues on information security in 2011, up from 0.4 percent this
year.  The study takes into account the costs for people, hardware,
software, external services and physical security to protect a business'
critical information.  Roberta Witty, research director with Gartner,
believes that by 2004 about four out of five companies will use the
Internet as a key part of the business, and at least half will
experience a financially significant loss as the result of Internet

Federal cybercrime experts to tell House about efforts Federal law
enforcement officials will testify before a House panel Tuesday on their
agencies' efforts to fight cybercrime.  The afternoon hearing is the
second in a series of three the House Judiciary Crime Subcommittee is
holding on the issue.  Representatives from the Justice Department, the
FBI and the Secret Service will tell the panel what their agencies are
doing to battle crimes such as denial-of-service hacking attacks, the
spread of computer viruses, identity theft, fraud and online child
pornography.  But Alan Davidson of the Center for Democracy and
Technology will urge Congress to maintain a balance between the needs of
law enforcement and those of private citizens. 

Microsoft zombie hacker denial condemned The software giant is accused
of corporate hubris for issuing a flat denial that its raw socket
support in Windows XP is a paradise for zombie hackers Microsoft's
assurances that Windows XP will not make it easier for hackers to launch
damaging Denial of Service (DoS) attacks across the Internet have been
dismissed by the security expert who first alerted the company to the
issue.  The US software giant released a statement last week in which it
said Steve Gibson, president of Gibson Research Group, was incorrect to
claim that the implementation of "raw sockets" in its Windows XP
operating system was a serious mistake.  According to Microsoft it will
not be possible for a hacker to run malicious software such as Trojan
horses on a machine running Windows XP, thanks to the company's "war on
hostile code".  This means, according to Microsoft, that an XP machine
could not take part in a DoS attack. 

IT security goes nuclear Leading UK digital companies are transferring
key computer hardware, including internet servers, to a former Royal Air
Force bunker in Kent, to protect technology from potential
anti-capitalist attacks.  The bunker, which is 300 feet underground, is
capable of withstanding a direct nuclear hit, chemical and biological
warfare and electro-magnetic bombs.  It is owned and managed by AL
Digital Communications following the sale of the site by the Ministry of
Defense three years ago.  BTCellnet, Scottish Widows and the Bank
Automated Clearance System (BACS) are among hundreds of companies who
use this ultra-secure facility to protect their business interests. 
Dozens more are said to be on the waiting list for space, which costs
anywhere between =A3250 per month for a server-sized slot to =93several
million=94 pounds a year (which one large, unnamed global IT firm pays
for a huge space). 


Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:17 PDT