Wednesday, December 5, 2007

Daily Report

• The Associated Press reported on the aftermath of the second of back-to-back severe storms that battered the Northwest Monday, leaving at least four dead. Several inches of rain and hurricane-force winds downed trees, blocked roads and left widespread power outages across the region Tuesday. Power company officials said electricity may not be restored to some areas for several days. The Coast Guard reported two deaths as the result of a dike failure in Washington state, and dispatched helicopters to assist about 100 others left in distress by the flooding. (See items 2 & 34)

• According to documents obtained by The Associated Press, the Bush administration intends to slash counterterrorism funding for police, firefighters, and rescue departments across the country by more than half next year. Additionally, the documents indicate plans to call for outright elimination of programs for port security, transit security, and local emergency management operations in the next budget year. (See item 20)

Information Technology

28. December 4, Reuters – (International) Al Qaeda-linked Web sites number 5,600: researcher. There are now about 5,600 Web sites spreading al Qaeda’s ideology worldwide, and 900 more are appearing each year, a Saudi researcher told a national security conference on Tuesday. Saudi Arabia, the world’s biggest oil exporter, has identified the Internet as a key battlefield with militants who launched a campaign to topple the U.S.-allied ruling royal family in 2003. “Research shows there are more than 5,600 sites on the Internet promoting the ideology of al Qaeda,” the researcher told the Information Technology and National Security conference in the Saudi capital Riyadh. “There are some 900 news sites appearing every year, and despite the retreat of some media outlets specifically run by al Qaeda, extremist Web sites are constantly on the rise.” He said it was difficult to track most of the sites, though hardcore al Qaeda sites often change addresses to avoid detection or start up again elsewhere once infiltrated. He was addressing a conference organized by the Saudi intelligence agency to encourage the public to cooperate more with the government and share expertise on how to survey the Internet for militant activity. This week the Saudi intelligence agency launched a Web site in an effort to open up to the public and change the negative perceptions of security services. People can send information anonymously to the site about any suspicious activity. Analysts say al Qaeda has transformed from a close-knit militant group to a brand that disseminates radical ideas for sympathizers to act on independently. “The Internet, chat lines, text messages -- these are the new warriors,” said an expert on Internet monitoring known as “text mining.”

29. December 4, IDG News Service – (International) F-Secure: Malware samples doubled in one year. Finnish security vendor F-Secure has collected twice as many malicious software samples this year than it has over the last 20 years, a trend that highlights the growing danger of malicious software on the Internet. Through the end of 2006 and 20 years prior, F-Secure counted a total of 250,000 samples, said the firm’s chief research officer. This year alone, 250,000 samples have been counted, he said. Statistics on malware from antivirus companies can vary since the data is often derived from what their customers experience while using their software, and it depends on how widely that software is used. But other security vendors have also noted the flood of new malware on the Internet over the last few years. Symantec said earlier this year that it detected 212,101 new malicious code threats between January and June, an increase of 185 percent over the same period a year prior. The astounding increase shows that hackers “are generating large number of different [malware] variants on purpose to make the lives of antivirus vendors more difficult,” the F-Secure rep said. A variant is a piece of malware that has a unique look but belongs to a known family of malware, sharing common code and functions. Hackers use techniques such as obfuscation, which jumbles up code and makes it hard to determine what the program is, and encryption, to trick security programs. “Genuine innovation appears to be on the decline and is currently being replaced with volume and mass-produced kit malware,” according to F-Secure’s report, which covers the second half of 2007.

30. December 4, IDG News Service – (International) Microsoft: Windows flaw could steer IE to hackers. Microsoft said Monday that a flaw in the way its Windows operating system looks up other computers on the Internet has resurfaced and could expose some customers to online attacks. The flaw primarily affects corporate users outside of the U.S. It could theoretically be exploited by attackers to silently redirect a victim to a malicious Web site. Microsoft originally patched this flaw in 1999, but it was rediscovered recently in later versions of Windows and was then publicized at a recent hacker conference in New Zealand. “This is a variation of that previously reported vulnerability that manifests when certain client side settings are made,” said a group manager at Microsoft’s Security Response Center. The bug has to do with the way Windows systems look for DNS (Directory Name Service) information under certain configurations. Any version of Windows could theoretically be affected by the flaw, but Microsoft issued an advisory Monday explaining which Windows configurations are at risk and offering some possible workarounds for customers. The company said it is working to release a security patch for the problem.

Communications Sector

31. December 4, Associated Press – (Southeast) DSL outage hits some AT&T customers. AT&T Inc. customers in the Southeast United States were unable to connect to the Internet through their DSL service for several hours Monday night because of an equipment problem, a company spokesman said. He said the digital subscriber line service was restored about 10 p.m. CST. He said the outage affected customers in Florida, Georgia, Louisiana, Mississippi, Alabama, North Carolina, South Carolina, Kentucky, and Tennessee. “The root cause of the disruption is still being investigated but appears to be an equipment impairment,” he said in a statement. The editor of the industry newsletter DSL Prime said broadband outages are not unusual. “Broadband goes down much more often than telephone lines because they didn’t build the system for the same level of reliability,” he said. “We do not know how often it happens, however, because they’re not obligated to report it.” At the Internet forum, people in several of the affected states posted reports of problems Monday night. Many said it appeared to be an issue with AT&T’s domain name servers, which help direct Internet traffic to its destinations. He also noted that an entire territory can be affected by a single point of failure, such as a disrupted domain name server, when the network does not have a backup for the server.