Thursday, December 20, 2007

Daily Report

• The Associated Press reports on a fire at the White House compound in the Eisenhower Executive Office Building. Within an hour, the blaze appeared to be under control. (See item 19)

• According to Reuters, a report released on Tuesday states that the United States remains unprepared for disasters ranging from biological attacks to a flu pandemic and funding for preparedness is falling, despite five years of constant and detailed warning. (See item 22)

Information Technology

23. December 19, Computer Weekly – (International) Cisco releases first annual security report. Cisco has released its first annual report on the global state of security. Cisco says that although many end-of-year industry reports focus on content security threats such as viruses, worms, Trojans, spam, and phishing, its 2007 Annual Security Report broadens the areas covered with a set of seven risk-management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical factors. Together, they encompass security requirements that involve anti-malware protection, data-leakage protection, enterprise risk management, disaster planning, and other requirements. The report makes several recommendations to enable organizations to protect their systems: conduct regular audits within organizations of attractive targets and evaluate the avenues that can be used to attack them; understand that threats follow application usage patterns; change the mindset of employees, consumers, and citizens who consider themselves innocent bystanders, and empower them to become active against security threats; make security education a priority; institutionalize IT security education by incorporating it into school curricula; consider more than just performance when building a secure network; and, for security suppliers, provide comprehensive security systems that extend throughout the network infrastructure.

24. December 19, Computerworld – (National) Gmail open to Internet Explorer hijacks. Hackers can exploit an unpatched flaw in Microsoft’s Internet Explorer browser to access Gmail accounts, according to security firm Cenzic. Cenzic has warned Internet Explorer users that the browser contains an unspecified cached files bug that, when combined with a cross-site request forgery flaw in Gmail, exposes the webmail account sign-ons and lets others access those accounts and any messages or file attachments there. Although not a bug that can be exploited remotely -- an attacker must have local, physical access to the PC -- as Cenzic pointed out, there are scenarios where that is not a limitation. “These vulnerabilities could be exploited such that all users of a shared computer, who use Internet Explorer and share a user account -- a common practice at computer kiosks in a library or internet cafe -- could be vulnerable,” said Cenzic. Gmail contributes to the overall vulnerability because its URLs display attachments when viewed using the ‘View Source’ command, the warning added. Internet Explorer, however, sports “improper use of caching directives [and] incorrect access checks on cached Internet Explorer files.” Together, the bugs could conceivably let someone at a public PC hijack any Gmail log-on credentials that had been entered on the machine since the Internet Explorer cache had last been purged. Internet Explorer deletes the contents of its cache only as new files are added -- and the oldest are deleted -- or when the user explicitly instructs the browser to clear the cache using the ‘Delete Browsing History’ command. However, Microsoft denied that Internet Explorer even has a bug. “Microsoft has thoroughly investigated the claim and found that this is not a product vulnerability,” said a company spokesman.
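The Cenzic claim above turns on one mechanism: a browser keeping authenticated responses in its on-disk cache where a later user of the same machine can read them. The server-side control for that is the set of caching directives on every authenticated response. Below is an added example, not code from the Computerworld article, Cenzic, Google or Microsoft, of a header check a web team could run in tests or in a proxy log review. The header sets at the bottom are constructed; the policy it enforces (authenticated content must carry `Cache-Control: no-store`, be marked `private`, and carry `Pragma: no-cache` for HTTP/1.0 caches) is the generic defence, not a description of Gmail's or Internet Explorer's behaviour in 2007.

```python
"""Flag authenticated HTTP responses that a shared browser cache could retain.

Added example (not the page's or any vendor's code). Header values below
are constructed for illustration.
"""
from typing import Dict, List


def cache_control_tokens(value: str) -> Dict[str, str]:
    """Parse a Cache-Control value into {directive: argument}.

    Directive names are case-insensitive, so they are lower-cased;
    arguments (e.g. the number in max-age=300) are kept as written.
    """
    tokens: Dict[str, str] = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        tokens[name.strip().lower()] = arg.strip().strip('"')
    return tokens


def caching_findings(headers: Dict[str, str]) -> List[str]:
    """Return the reasons a response could be kept on disk for a later
    user of the same browser profile. An empty list means the response
    is marked non-cacheable by every directive this check knows about.
    """
    # HTTP header names are case-insensitive.
    h = {k.lower(): v for k, v in headers.items()}
    cc = cache_control_tokens(h.get("cache-control", ""))
    findings: List[str] = []

    if "no-store" not in cc:
        findings.append("Cache-Control lacks no-store: browser may write the body to disk")
    if "private" not in cc and "no-store" not in cc:
        findings.append("Cache-Control lacks private: shared proxies may cache it")
    if cc.get("max-age", "0") not in ("", "0"):
        findings.append(f"Cache-Control max-age={cc['max-age']} permits reuse without revalidation")
    if "public" in cc:
        findings.append("Cache-Control public explicitly allows shared caches")
    if h.get("pragma", "").strip().lower() != "no-cache":
        findings.append("Pragma: no-cache missing (HTTP/1.0 caches ignore Cache-Control)")
    return findings


# Constructed sample responses: a weak header set and a hardened one.
WEAK_HEADERS = {
    "Content-Type": "text/html",
    "Cache-Control": "public, max-age=3600",
}
HARDENED_HEADERS = {
    "Content-Type": "text/html",
    "Cache-Control": "no-store, no-cache, must-revalidate, private, max-age=0",
    "Pragma": "no-cache",
    "Expires": "0",
}

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK_HEADERS), ("hardened", HARDENED_HEADERS)):
        problems = caching_findings(hdrs)
        print(f"{label}: {'OK' if not problems else ''}")
        for p in problems:
            print("  -", p)
```

The check deliberately treats `no-store` as the directive that matters for a shared workstation: `no-cache` alone only forces revalidation and still allows the body to be written to disk, which is exactly the exposure the advisory describes for kiosk PCs.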

25. December 19, Computer Weekly – (International) Microsoft says lottery scams are the fastest growing area of cybercrime. Microsoft commissioned a survey of 3,600 internet users across Germany, Italy, Denmark, the UK, and the Netherlands, and found that 50 percent of spam e-mails sent are lottery scams. In the UK, 20 percent of those who received lottery spam opened some messages, with 10 percent having replied to them. In addition, 13 percent have clicked on potentially malicious links inside these emails. The survey found that 3 percent of UK respondents had lost money through such lottery scams over the past 12 months, which is the same as the pan-European average. Microsoft UK’s chief security advisor said, “Internet lottery scams are one of the fastest growing areas of cybercrime. The scams are of increasing concern to international law enforcement, offering criminals a low-risk opportunity to steal money from internet users.”

26. December 18, CMP Channel – (National) VoIP threats, vulnerabilities abound. Whether their purpose is malicious, for financial gain, or just to prove it can be done, VoIP systems are a nut that hackers and exploiters cannot wait to crack. As VoIP continues to proliferate into 2008, those threats will only get stronger and more sophisticated, according to a vulnerability research lead for Sipera VIPER Lab, a research team bent on identifying ways VoIP can be exploited. He said word of some VoIP threats started to spread in 2006, with toll fraud and vishing -- a VoIP version of phishing -- taking center stage. By 2007, those threats and vulnerabilities began to manifest further. In the coming year, by many accounts, exploits used to bring down VoIP systems and scam their users will continue to expand, with many exploits being used in conjunction with one another to form an attack powerhouse of sorts. The biggest VoIP threats and vulnerabilities of 2007 -- remote eavesdropping, VoIP hopping, vishing, VoIP spam, toll fraud, and the Skype worm -- will again make headlines in 2008, the researcher said. The president and CEO of Warwick, Rhode Island-based solution provider Atrion Networking, said VoIP threats have evolved and grown from a “what if?” scenario into a full-blown “what now?” situation. “There will be more and more threats. It’s definitely going to grow,” he said. Security providers are urging IT managers and others to use VoIP encryption to ward off current and future threats as the use of IP telephony grows.

Communications Sector

27. December 18, Government Executive – (National) Land-based backup to GPS wins reprieve in spending bill. A terrestrial backup for the satellite-based Global Positioning System endorsed by a wide range of users from the aviation, marine transportation, and telecommunications industries gained a new lease on life in the fiscal 2008 omnibus spending bill passed by the House Monday. The Coast Guard had planned to terminate operation of its LORAN (Long-Range Navigation) system, which could serve as the backbone of a GPS backup, in fiscal 2008. But language in the Homeland Security Department portion of the Consolidated Appropriations Act of 2008 denied that request. The omnibus bill said that termination would be premature, partly because an improved version of LORAN, known as enhanced Loran or eLORAN, has been recommended as a GPS backup by the multiagency National Space Based Positioning, Navigation, and Timing Committee, whose membership includes top officials from the Defense, Homeland Security, Transportation, Commerce, and State departments, along with NASA. That committee has not publicly released its eLORAN recommendation. The Transportation Department’s Volpe National Transportation Systems Center urged development of an alternative to GPS in a 2001 report that concluded the satellite-based system could be knocked out by jamming its high-frequency, low-power signals. The report suggested LORAN as a possible backup. Since the Volpe report was issued, the Coast Guard -- at the direction of Congress -- has converted most of its LORAN stations, which had a location accuracy of between one quarter of a nautical mile and one nautical mile, to eLORAN stations, which have an accuracy of between eight and 65 feet. GPS also provides precise timing signals for telecommunications companies worldwide, and they urged the Transportation Department and DHS to adopt eLORAN as a backup during a public comment period earlier this year.

28. December 18, PC Pro – (International) Virgin customers suffer network collapse. Virgin Media experienced a national collapse of its broadband network Monday night as a result of a glitch in its automated router maintenance service. The glitch caused Virgin Media’s servers to lose their DHCP leases, leading to the servers attempting to renew nearly three million IP addresses all at once, bringing the system to a halt. Virgin says the problem is now resolved and full service is restored. A spokesperson for the company says the length of the outage varied greatly between users, with some “getting their connections back in a few seconds, while others would have taken much longer.” “At 9:20 p.m. last night, customers in a number of regions temporarily lost connectivity to their broadband and Video on Demand services,” a statement from the company read. “This occurred as a result of an error during a routine maintenance process which affected some customers’ modems and set top boxes.”
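The Virgin Media outage is a textbook synchronized-retry failure: once every client's lease was lost at the same instant, every client tried to renew at the same instant. The simulation below is an added example, not Virgin Media's code or configuration; client counts, lease lengths and the server capacity are constructed values picked to make the effect visible at a size that runs in a second or two. It contrasts a fully synchronized renewal burst with renewals that carry random jitter, the random "fuzz" around the T1/T2 timers that RFC 2131 recommends for DHCP clients (the half-lease window used here is an assumption of this example, not a quote from the RFC).

```python
"""Renewal storm versus jittered renewals.

Added example (not the provider's code). Numbers are constructed.
"""
import random
from typing import Dict, List


def renewal_times_synchronized(n_clients: int, at_second: int) -> List[int]:
    """Every client renews in the same second: what a server-side loss of
    the lease table produces when clients all retry immediately."""
    return [at_second] * n_clients


def renewal_times_jittered(n_clients: int, lease_seconds: int,
                           spread_fraction: float = 0.5, seed: int = 1) -> List[int]:
    """Each client renews at a random second inside the final
    `spread_fraction` of its lease (assumed window; RFC 2131 asks only
    for random fuzz around T1/T2). The seed makes the run reproducible."""
    rng = random.Random(seed)
    window_start = int(lease_seconds * (1 - spread_fraction))
    return [rng.randint(window_start, lease_seconds) for _ in range(n_clients)]


def _per_second(times: List[int]) -> Dict[int, int]:
    counts: Dict[int, int] = {}
    for t in times:
        counts[t] = counts.get(t, 0) + 1
    return counts


def peak_renewals_per_second(times: List[int]) -> int:
    """Busiest one-second bucket; this is what the DHCP server must absorb."""
    counts = _per_second(times)
    return max(counts.values()) if counts else 0


def seconds_over_capacity(times: List[int], capacity_per_second: int) -> int:
    """Number of seconds in which demand exceeds what the server can answer.
    Each such second leaves clients unanswered, which in turn makes them
    retry and deepens the storm."""
    return sum(1 for c in _per_second(times).values() if c > capacity_per_second)


# Constructed scenario: 300,000 clients (a tenth of the ~3 million in the
# article), one-hour leases, a server that can answer 5,000 renewals/second.
N_CLIENTS = 300_000
LEASE_SECONDS = 3600
SERVER_CAPACITY = 5_000

if __name__ == "__main__":
    storm = renewal_times_synchronized(N_CLIENTS, at_second=0)
    spread = renewal_times_jittered(N_CLIENTS, LEASE_SECONDS)
    for label, times in (("synchronized", storm), ("jittered", spread)):
        print(f"{label:12s} peak/s={peak_renewals_per_second(times):7d} "
              f"seconds over capacity={seconds_over_capacity(times, SERVER_CAPACITY)}")
```

The point of the comparison is the capacity line: with jitter the same number of clients never exceeds what the server can answer in any single second, so no client is left to retry and the burst does not feed itself. Operationally the same lesson applies to any mass restart of modems or set-top boxes, which is why staged or randomized re-provisioning is the usual control after maintenance errors like the one described.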
