Thursday, May 8, 2008

Daily Report

• The Saint Louis Dispatch reports that according to Food and Drug Administration records, 400 shipments of Chinese seafood to the U.S. were sent back due to contamination or other issues despite the fact that less than 1 percent of all imports were inspected. (See item 15)

• TG Daily reports that several hundred to possibly a thousand laptops are missing from the U.S. State Department, according to an internal audit. Many likely contain classified information, and as many as 400 computers belonged to the Anti-Terrorism Assistance Program which provides counterterrorism training to other nations. (See item 29)

Information Technology

33. May 7, – (International) Major media malware attack breaks out on file-sharing networks. McAfee has reported “the most significant malware outbreak in three years,” with more than 500,000 detections of a Trojan horse masquerading as a media file. Since Friday 2 May, more than 500,000 instances of the Trojan have been detected on PCs. The malicious MP3 music or Mpeg video files have appeared on popular file-sharing services such as Limewire and eDonkey. Firms should be concerned as employees often access such file-sharing networks on corporate machines. Security software firm McAfee rates the threat as a “medium” risk. No other malware has received that risk rating since 2005. All other threats since then have been rated lower on the severity scale. “This is one of the most prevalent pieces of malware in the past three years,” said a threat researcher at McAfee Avert Labs. “We have never before had a threat this significant that arrives as a media file.” Cybercrooks have loaded hundreds of rigged MP3 and Mpeg files on to file-swapping services. The files are all named differently in multiple languages, and vary in size to make them appear like legitimate music or video files. Attempting to play one of the malicious files will trigger the download of an application named “PLAY_MP3.exe”, which will serve ads to the infected computer. McAfee identifies the Trojan horse as “Downloader-UA.h.” Some of the sample names used by the malicious media files include “preview-t-3545425-adult.mpg”, “preview-t-3545425-changing times earth wind.mp3”, “preview-t-3545425-girls aloud st trinnians.mp3”, “preview-t-3545425-jij bent zo jeroen van den.mp3”, “t-3545425-lion king portugues.mpg” and “t-3545425-los padres de ella.mpg”. Source:

34. May 6, Dark Reading – (National) University study examines the causes and costs of hard drive failure. Viruses or Trojans can infect PCs and wreck their hard drives. But how often does it really happen – and how bad is the damage? A new university study suggests that hard-drive-killing attacks launched by hackers are rare – but when they do occur, they can be more costly than most companies think. The study, published last quarter by professors at the University of Pepperdine and commissioned by data recovery vendor Deepspar Technologies, looks at the causes of hard drive failure and offers insights on just how “fatal” a fatal drive error can be. Aside from physical theft, hard drive failure is the most common cause of data loss on PCs, the study says, accounting for 38 percent of data loss incidents. In about 30 percent of these cases, the loss of access is the result of drive problems, where corruption of the media makes the data unreadable. Software corruption, which is the usual path used by hackers and viruses to “crash” a hard drive, only causes data loss in about 13 percent of cases. Such incidents are only slightly more frequent than drive losses caused by human error (12 percent). But while remote attacks may cause fewer crashes than many users believe, the cost of the crashes may be higher than many executives expect, the study states. Source:

35. May 6, Medical News Today – (International) A digital haven for terrorists on our own shores? If you use one of Americas top Internet service providers, you may share server space with an organization that enables worldwide terrorism, says a new study by Tel Aviv University. A workshop on terrorist organizations and the Internet was organized for the North American Treaty Organization (NATO) by the Netvision Institute for Internet Studies (NIIS) and the Interdisciplinary Center for Technology Analysis & Forecasting, both of Tel Aviv University. Berlins Institute for Cooperation Management and Interdisciplinary Research (NEXUS), affiliated with the Technical University of Berlin, also participated. The findings were presented in Berlin to a closed audience of high-ranking representatives from NATO in February 2008. Enlisted by NATO officials to study the web activity of terrorist organizations, researchers found that some of the worlds most dangerous organizations are operating on American turf. Hezbollah, the Islamic Jihad, and al-Qaeda all have websites hosted by popular American Internet service providers - the same companies that most of us use every day. Source:

Communications Sector

36. May 6, Reuters – (International) Verizon joins another undersea cable network. Verizon Communications Inc’s business unit said on Tuesday it would help build an undersea cable connecting Europe, the Middle East and India to expand its global network to support Internet traffic. Verizon Business, the company’s unit in charge of corporate clients, said it joined a consortium of 16 companies to build a 9,000 mile optical cable system linking the three continents. The network, named the Europe India Gateway, is due to be completed in 2010 and cost more than $700 million. The unit did not disclose how much it would pay. Verizon Business is involved in more than 67 submarine cables worldwide, and the Europe India Gateway is its third major project in the last four years. It has been boosting advanced cable network investment to provide more stable voice connections and faster Internet services for global corporate clients. Source: