Security News Curated from across the world
The report card is intended to raise the visibility of the need for strong information security, said FISMA’s author, Rep. Tom Davis (R-Va.).
Information security will garner attention if there is a massive cyberattack that could compromise the economy or homeland security, he said.
More info: [url=http://www.fcw.com/fcw/articles/2003/1201/web-fisma-12-02-03.asp]http://www.fcw.com/fcw/articles/2003/1201/web-fisma-12-02-03.asp[/url]
A simple search reveals a plethora of resources, tools, and personal homepages, most claiming to “hack” for legitimate reasons, within the law. But there is also an entire underground network of hackers honing their tools and skills with malicious damage in mind.
“Ten years ago, ‘hackers’ used to mean people who tinker with computers. The definition has changed, so get over it,” Peter Tippett, founder and chief technical officer at TruSecure told BBC News Online.
The underground network is vast, with thousands of individuals and groups, ranging from lurkers who are intrigued by hacker chat to “script kiddies” who try out hacker tools for a laugh. Newsgroups, internet relay chat and increasingly, peer-to-peer chat and instant messaging, are buzzing with constant hacker chatter.
Net security companies like TruSecure in the US, have the job of keeping an eye on these groups to work out which weak net spot they are planning to attack next. It currently tracks more than 11,000 individuals in about 900 different hacking groups and gangs.
“There are 5,500 net vulnerabilities that could be used theoretically to launch an attack, but only 80 or 90 are being used,” says Mr Tippett. “Only 16 of 4,200 of vulnerabilities actually turned into attacks last year.”
A team of human and computer bots – artificial intelligence programs – count the vulnerabilities that pop up all over the web daily and measure the risk of security attacks for TruSecure’s 700 or so customers. But that is not enough for 21st century net security, says Mr Tippett.
A separate team at TruSecure has a more mysterious job. It is the elite group of hacker infiltrators, codename IS/Recon (Information Security Reconnaissance). Their daily job is to “see what the bad guys say to each other and what they claim to have done” by gaining respect and building online relationships with groups with names like Hackweiser and G-force Pakistan, Mr Tippett explains.
The hours spent gathering 200 gigabytes of information a day, are invaluable in helping to catch the small proportion of hackers who do the net severe damage. Pieces of information about groups and individuals are put together like a giant jigsaw in TruSecure’s mammoth database, nicknamed the “brain”. [Editor note this is actually a product called “The Brain”.]
More info: [url=http://www.thebrain.com/company/Press/bbc/BBC%20NEWS%20%20Technology%20%20Cracking%20the%20hacker%20underground.htm]http://www.thebrain.com/company/Press/bbc/BBC%20NEWS%20%20Technology%20%20Cracking%20the%20hacker%20underground.htm[/url]
Graham Cluley, a senior technology consultant for Sophos, said Wednesday that the increasing use of broadband Internet connections and a general lack of security awareness have resulted in about one in three spam e-mails being redirected through the computers of unsuspecting users.
Cluley said that if a Remote Access Trojan (RAT), a type of Trojan horse program, is able to get into a PC, an attacker could take full control of that PC, as long as it is connected to the Internet.
There is also a very small chance that PC owners will have any idea their system is being used by a third party, said Cluley, who warned that attackers could remove any traces of their activity so that there would be no obvious record: “It is really just network and Internet bandwidth that is suffering–there is no permanent record left on the PC that you can look up–you wouldn’t see anything if you checked your Outlook ‘Sent Items’ folder,” he said.
More info: [url=http://zdnet.com.com/2100-1105_2-5113080.html]http://zdnet.com.com/2100-1105_2-5113080.html[/url]
The software firm noted that many versions of current viruses, such as “MiMail.I” are being written for financial gain, actively attempting to search for or persuade victims to enter personal information such as credit card numbers.
Viruses such as MiMail also seek out and harvest email addresses, propagating the worm onto other systems. “Swen.A,” “Dumaru”, and “Klez.H” were the top three most infectious viruses for Novemberm the firm found. Incidents of the Swen.A virus appeared more than 600,000 times, the company found, followed closely by Dumaru with just under 500,000 entries.
More info: [url=http://www.extremetech.com/article2/0,3973,1400299,00.asp?kc=ETRSS02129TX1K0000532]http://www.extremetech.com/article2/0,3973,1400299,00.asp?kc=ETRSS02129TX1K0000532[/url]
Verizon Communications Inc. and SBC Communications Inc. (see story, Page 26) recently launched VOIP services in selected cities.
In arguments to the FCC, the RBOCs point to Vonage’s marketing as an illustration that VOIP is the functional equivalent of regular telephone service, but others, including manufacturers such as Cisco Systems Inc., argue that it is an Internet application like instant messaging or e-mail.
More info: [url=http://www.eweek.com/article2/0,3959,1400198,00.asp?kc=EWRSS03119TX1K0000594]http://www.eweek.com/article2/0,3959,1400198,00.asp?kc=EWRSS03119TX1K0000594[/url]
The ‘Foreign Manufacturer Security Recommendations Customs-Trade Partnership Against Terrorism (C-TPAT)’, has been drawn up in the wake of the increased threat of terrorism. It will be implemented in a phased approach to foreign companies, with Mexican manufacturers being the first to fall under the rules. Within 90 days of signing the C-TPAT Agreement for Foreign Manufacturers, companies will have to provide an executive summary outlining the elements of the security procedures they have in place.
At a minimum, non-US companies must demonstrate they have information security controls proving the integrity of automated systems, and a process established for reporting and correcting problems. Pringle believes that C-TPAT will become an external business driver to speed up good security practice and companies that comply with BS7799, the British standard for information security management, will have a good framework in place as a starting point.
He said important security standards for systems include ‘having up-to-date anti-virus protection and firewalls that are properly configured. ‘Companies should also carry out penetration tests.’
More info: [url=http://www.vnunet.com/News/1150526]http://www.vnunet.com/News/1150526[/url]