Monday, March 24, 2008

Daily Report

According to the Seattle Times, a wanted felon arrested last Wednesday may be responsible for stealing nearly 20,000 gallons of gasoline at fueling stations in Washington and Oregon. (See item 3)

CNN reports officials in Minnesota have closed a major bridge on the Mississippi River, citing safety concerns. A recent inspection showed bending in plates that connect steel beams that support the span. (See item 13)

Information Technology

27. March 21, InfoWorld – (National) Thousands of Web sites under attack. On March 12, McAfee’s AVERT labs reported 10,000 Web pages using Active Server Pages (ASP) had been infected through SQL injection. A few days later, Microsoft employee Neil Carpenter detected 14,000 maliciously-modified Web pages. After the initial SQL injection, the automated attack injected a malicious Javascript or Iframe code to redirect visitors to criminal-controlled Web sites. The malicious Web sites then attempted to invisibly exploit end-users using multiple, previously patched vulnerabilities, or if no vulnerabilities were found, attempted to socially engineer the visitor into running additional software. Following on the heels of this massive scale attack was another automated attack that made the first one seem small. McAfee reported more than 200,000 Web pages infected by an automated attack against phpBB software. phpBB is an open source Internet forum software product written in php. Users visiting an infected Web site were socially engineered into running additional (malicious) software programs. Web site hacking is very popular. Zone-h, which tracks web site defacements, reported almost 500,000 hacked Web sites in 2007. And this is obviously a serious under-count, as most of Zone-h’s data is self-reported by the hackers who hacked the Web sites. The professional criminal gangs involved in the majority of the Web hacks today do not report their activities to Zone-h. Even more interesting is Zone-h’s track of the mechanism the hacker used to attack the Web site. By far the most popular method was simple password sniffing/cracking/guessing, but they track attacks against the DNS servers and routers that protect the Web servers. Perhaps the most interesting new Web hack trend is where inputted search phrases end up causing malicious cross-site scripting or poison normal search results.

28. March 21, EFluxMedia – (New Jersey) Sequoia voting systems admits to hackers attacking their website. After New Jersey officials specifically asked e-voting machines used in the February 5 presidential primary elections to be submitted to an in depth analysis, Sequoia Voting Systems, the retailer company, announced that its website became inaccessible on Thursday night due to unauthorized access. The company took action as soon as they realized what had happened and removed the “intrusive content,” a spokeswoman said, adding that the company took further security measures and proceeded to “security enhancements” in order to protect the website from similar attacks. The incident was uncovered by the computer scientists in charge of investigating the e-voting machines in the New Jersey case. According to the same source, he reported that around 6:30 a.m. Eastern Time, Sequoia’s Ballot Blog had been replaced with a message saying it had been hacked, also including the name of the authors. When the New Jersey officials requested the investigation on the February 5 voting machines after unusual errors appeared, Sequoia Voting Systems threatened to attack the decision in court for violation of the license agreement. Sequoia has opposed releasing the machines citing concerns about intellectual property.

Communications Sector

Nothing to Report