(University Wire, 11 April) University of Texas
researchers have employed artificial intelligence and human security
experts in a new line of defense against computer hackers. Research
scientists at the University's Applied Research Laboratories are using
artificial intelligence to identify cyber attacks more quickly than
other techniques, so that human experts can counteract the effects of
the attacks more rapidly. Clark Penrod, executive director of the
Applied Research Laboratories, said the main problem in protecting
computer networks has been distinguishing between authorized access and
unauthorized access. He added that the UT research team's technique,
called the Network Exploitation Detection Analyst Assistant, makes that
distinction by learning to recognize patterns of behavior that are
unusual for authorized computer network users.
(Newsbytes, 11 April) Newsbytes reports that a
bill set to be unveiled Wednesday will encourage companies to share
information about hacker attacks by providing firms with a limited
exemption from the Freedom of Information Act (FOIA), bill supporters
said today. Set to be introduced by Reps. Tom Davis, R-Va., and Jim
Moran, D-Va., the legislation would allow companies to share information
about cyber-attacks with law enforcers and industry groups, without
worrying that such information could come back to haunt them, Davis
staffer David Marin said today.
( Newsbytes, 11 April) On April 18, legions of Washington, D.C.'s
finest will be on guard outside World Bank headquarters to make sure
that the latest meeting of the International Monetary Fund will not have
to endure the types of disruptions suffered at the hands of protesters
in Seattle last December. At the same time, just two blocks away, an
army of internal auditors will quietly amass in their own call to action
against an even greater threat to corporate America: cyber-insecurity.
Drawing upon lessons learned from February's distributed denial of
service attacks, representatives from nearly every facet of the risk
management community will attempt to convince an audience of corporate
decision-makers that their bottom line is essentially bottomless without
a solid foundation of information security. Among those invited include
senior executives and corporate directors from companies that comprise
so-called "critical infrastructures" - including transportation,
manufacturing, finance, utilities and telecommunications. Each will
receive a set of guidelines, which if adhered to, could help stave off
major litigation that might result from a temporary shutdown in any one
of those sectors.
(NY Times, 11 April) The United States government's ability to keep
track of looming international threats was drastically curtailed last
year because of a prolonged computer breakdown at the Pentagon agency
that collects and analyzes photographs from spy satellites. The computer
malfunction was so bad in August that United States intelligence
agencies were left nearly blind for a few days, unable to rely on
photographs from any spy satellites for use in a wide range of
intelligence operations. "This was a catastrophic systems failure," one
senior official said. The computer problems developed just as the agency
was overhauling its main computer system and installing a new one,
called the National Exploitation System, in time to deal with Year 2000
problems. The computer crisis, at the National Imagery and Mapping
Agency, continued for about a month, and was far more serious than the
brief, previously disclosed Year 2000-related problems in intelligence
systems that occurred over the New Year's holiday. It came as the
mapping agency was installing a new system, which caused the breakdown.
After months of work, the problem has largely been solved, although some
officials said the system still did not work as it should.
(Bloomberg News, 12 April) Microsoft Corp., Intel Corp., and other
companies struggling to fill jobs for software designers and other
computer-related jobs would get help under a new House bill that would
remove the limit on temporary visas for highly skilled workers. The
legislation, introduced yesterday by Lamar Smith, Republican chairman of
the Judiciary Subcommittee on Immigration, would come with conditions
designed to ensure that companies don't replace US workers with
lower-paid foreign workers.
(Newsbytes, 11 April) The annual Infosecurity Europe 2000 (Infosec 2000)
show opened in London, England, this
morning and, while the rain probably kept some prospective show visitors
away, things got off to a good start. All eyes, however, will be on the
last day of the three-day event, April 11, when a keynote session will
be hosted by a trio of US hackers, one of the strongest line-ups of
hacking experts ever assembled in the UK. Yvonne Eskenzi, a
spokesperson for the show organizers, told Newsbytes that the
superhackers will cut through the hype and speak out on what's really
going on in the world of hacking. The line-up scheduled for Thursday
includes: Sir Dystic, member of the Cult of the Dead Cow and creator of
the Back Orifice hacker program; Winn Schwartau, president of Interpact,
the best selling author of Information Warfare, Time Based Security and
CyberShock; and Kent Browne, a vigilante hacker and spokesman for
Condemned.org. Established in December, 1999, Condemned.org is a world
wide organization, staffed by volunteers, actively removing child
pornography from the Internet.
(CNN.com, 11 April) Robert Sajo, a Hungarian-born citizen of
Canada, is the founder of Cuba's first Web site, Cubaweb - and the
holder of Cuba's only legal residential Internet connection. Sajo's
abode is ground zero for Cuba's Internet elite. Day and night,
high-ranking government officials, Net entrepreneurs, students and
foreign observers drop by for Cuba libres, advice or small talk, mostly
on one topic - bringing the Internet to Cuba.
(Ziff Davis, 11 April) Press reports indicates that Number 10
Downing Street (the British Prime Minister?s residence and office) was
infiltrated by a nonsensical Russian computer virus, reportedly
distributed by the Ministerial department responsible for spreading
information about the threat of the millennium bug (Central Office for
Information). The W97M/Proverb macro virus spreads via email and
apparently generates unintelligible Russian proverbs. This virus is not
considered a serious risk by the anti-virus laboratories at Network
Associates.
(FBIS, 11 April/Moscow Segodnya,7 April) The Moscow Arbitration
court yesterday began hearings into the lawsuit brought by Volgograd
Internet provider Bayard-Slaviya Communications against the Russian
Ministry of Communications. Bayard representatives claim that the
Ministry and other Departments began to persecute the company after it
refused to install on its premises Federal Security Service (FSB)
equipment for ?tapping? confidential information that belonged to
customers. Current Russian law requires the company admit FSB personnel
to its systems to tap suspect conversations, following production of a
prosecutor?s warrant; the company alleges that the FSB went further than
the law and demanded permanent access. Bayard claims the FSB is acting
out of commercial interest, generating income by forcing operator
companies to install equipment provided by companies affiliated with the
FSB (NIPC COMMENT: The FSB can use the SORM monitoring guidelines to
gather substantial information well beyond what comparable U.S.
guidelines will support; this FBIS report indicates that FSB motivation
for acting on the SORM guidelines may be as much corrupt commercial
interest as an expansion of domestic information collection).
(Federal Computer Week, 12 April ) The
National Science Foundation and MCI WorldCom have agreed to continue
operating the system that provides advanced supercomputing to
universities and government agencies until at least 2003 at no cost to
NSF. Universities with access to vBNS gain access to NSF resources
through the agency?s Partnerships for Advanced Computational
Infrastructure program, according to NSF. The vBNS also provides
advanced connectivity to other U.S. research networks, such as the
Energy Department?s ESNET and the NASA Research and Education Network.
IMPORTANT NOTICE: If you are not using HushMail, this message could have been read
easily by the many people who have access to your open personal email messages.
Get your FREE, totally secure email address at http://www.hushmail.com.
