[iwar] Class posting from one of my UNH classes

From: Fred Cohen (fc@all.net)
Date: 2001-09-23 19:46:27



In a recent article on the website vmyths.com

url: http://www.vmyths.com/hoax.cfm?id=267&page=3

Nimda virus/worm (September 2001 hysteria)

Category: misconceptions about genuine threats

U.S. attorney general John Ashcroft took time out from his daily
terrorism press conference on 18 September 2001 to warn of a
horrifying new Nimda virus/worm. Ashcroft's warning aired live on
CNN. He declared ignorance and gave reporters no details, except to
imply terrorists might not be behind the deadly über-virus.

A Newsbytes story claims "a powerful coalition of U.S. government and 
industry groups contemplated advising citizens to stay off the Internet 
completely to avoid being infected by Nimda." This idea is as absurd now as 
it was in 1999 when it first became fashionable. (Read our opinion of 
"precautionary disconnects.")

Antivirus firms sprang into action on 18 September with press releases (aka 
"media advisories") and email alerts to warn of Nimda's potential for 
destruction -- and to brag how their software could detect & eradicate this 
new threat. Most, if not all, major antivirus firms used typical terms like 
"high risk," "fast spreading," and so on to describe the pending 
cyber-catastrophe. Network Associates mouthpiece Vincent Gullotto claimed 
Nimda had already "taken down entire sites. I can't even get to the Internet
right now," he moaned to an Associated Press reporter. Security firm ISS 
hysterically described it as "Code Red on steroids."

Watch for more experts & non-experts alike to claim "Nimda will put the Code
Red worm to shame." (You DO remember the Code Red worm, don't you?)

Antivirus firms did not fully agree on Nimda's capabilities for roughly
a day after its discovery.  Experts needed time to analyze its code --
but public relations couldn't wait for accuracy.  Some antivirus firms
posted mediocre/ambiguous details on their sites just so clients &
reporters could read something.  Some of the initial media reports
(particularly a CNN story) contained inaccurate details for this reason.

Vmyths predicts antivirus firms will ride on Nimda's coattails in an
effort to receive free publicity -- and in an all-out effort to return
some value to their stock prices.  Computer security stocks often rise
in proportion to global hysteria.  (ZDNN reporter Robert Lemos
highlighted this fact in a story today.)

Many reporters speculated on a possible link between Nimda and last
week's terrorism.  Vmyths predicted the media would quickly drop this
theory -- because no security expert so far seems intrigued by it. 
Reporters later abandoned this coincidence. 

Michael Erbschloe (Computer Economics Inc.) claims Nimda already caused
$530.65 million in damages -- an absurdly accurate worldwide
guesstimate.  Remember this: Congress diverted $40 billion to help
recover from last week's terrorist attacks, and the Federal Reserve
unleashed nearly $200 billion to shore up the U.S. economy.  Vmyths
does not expect governments to allocate one penny to help recovery
efforts associated with Nimda.

My question: with the new war on terrorism, why does the government
appear to be ignoring Nimda? Can the FBI's cyberterrorism division be
proactive in cases such as this?

--This communication is confidential to the parties it is intended to serve--
Fred Cohen		Fred Cohen & Associates.........tel/fax:925-454-0171
fc@all.net		The University of New Haven.....http://www.unhca.com/
http://all.net/		Sandia National Laboratories....tel:925-294-2087





This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:48 PDT