Friday, May 2, 2008

Daily Report

According to Reuters, the U.S. Federal Bureau of Investigation was investigating an unspecified threat made against three small oil refineries in the Billings, Montana, area. (See item 1)

The Washington Times reports false identifications based on a terrorist no-fly list have for years prevented some federal air marshals from boarding flights they are assigned to protect, according to officials with the Federal Air Marshal Service, which is finally taking steps to address the problem. (See item 15)

Information Technology

25. May 1, IDG News Service – (National) Instant messaging attacks spike in April. Instant messaging attacks leapt 162 percent in April according to security firm Akonix. The company tracked 21 new malicious code attacks over the month. The jump accompanies a boom in take-up of enterprise unified communications systems (UC) over the past few months, a fact that is unlikely to be a mere coincidence, Akonix said. UC systems are designed to bring together all a company’s communications systems onto a common Internet protocol (IP) infrastructure, and often include an IM service. Analysts Butler Group reassured enterprises in a report earlier this week that UC does not open up any new means of attack, but Akonix said the recent spike in IM attacks indicates just the reverse. “Enterprises need to realize that implementing new communication and collaboration tools increases the risk of attack as each new application becomes a new vector for infection,” said Akonix’s vice president of marketing in a statement. Source: http://www.infoworld.com/archives/emailPrint.jsp?R=printThis&A=/article/08/05/01/Instant-messaging-attacks-spike-in-April_1.html

26. May 1, IDG News Service – (National) Virtual server sprawl highlights security concerns. Server virtualization projects are driven by a desire for consolidation, yet the uncontrolled proliferation of virtual machines can result in just the opposite. When users can clone a virtual machine with the click of a mouse, or save versions of applications and operating systems for later use, you are asking for trouble if IT does not maintain tight control, virtualization management vendor Embotics warned in a session at Interop Las Vegas Tuesday. Physical servers and software resources are wasted by virtual sprawl, which also burdens IT with more manual processes and increased security risk, a representative said. “The risk of sprawl is a lot higher in the virtual world than it is in the physical world,” he said. Virtual sprawl is not defined by numbers; it is defined as the proliferation of virtual machines without adequate IT control, he said. One Embotics customer found itself with more than 5,000 virtual machines and suspected many of them were no longer needed. It turned out 70 percent of them were obsolete, but were still consuming network resources and software licenses. Offline virtual machines present their own problem, in that automatic patching systems do not recognize them, leaving them without critical updates. The central problem behind sprawl – that virtual machines are so easily generated that IT has trouble tracking how many there are, and when and where they are deployed – only serves to fuel the special security challenges that come with server virtualization. Source: http://www.infoworld.com/archives/emailPrint.jsp?R=printThis&A=/article/08/05/01/Virtual-server-sprawl-highlights-security-concerns_1.html

27. April 30, Associated Press – (International) Criminals try to “copyright” malware. Even criminal hackers want to protect their intellectual property, and they have come up with a method akin to copyrighting. Professional virus writers are now selling a suite of software on the Internet with an unusual attachment: a detailed licensing agreement that promises penalties for redistributing the malicious code without permission. Symantec Corp. researchers noticed a Russian-language example floating around the Internet and wrote about it on the company’s official blog this week. They said it is the only example they have seen. The software is used to infect computers and control them remotely. The zombie machines can be used to pump out spam, launch more attacks or steal personal information from their owners. Networks of zombie machines — known as “bot nets” — can be extremely lucrative, sometimes bringing millions of dollars in profit for their authors and their distributors. Source: http://news.yahoo.com/s/ap/20080430/ap_on_hi_te/techbit_copyrighting_malware;_ylt=ApvfP7MzYuC4Glue9Vp9EaQjtBAF

Communications Sector

Nothing to Report