Security News Letter

March 15, 2004

 

 

Worm Writers One-Up Each Other

3/10/2004

The battle to capture your e-mail address has gone to new levels: deleting competing worms.
by Mathew Schwartz, Enterprise System News

Keeping virus-hunters especially busy, recent versions of the well-traveled worms Bagle, MyDoom, and Netsky appear to be battling for which will ultimately own infected users’ computers, with Netsky literally deleting the competition. At the same time, each new version creatively disses the competition. “You are a looser!!!!” reads Netsky.F, to which the partial Bagle.I reply is, “don't ruine our bussiness, wanna start a war ?” Grammatically speaking, for the most part only the expletives are spelled correctly. 
Bad grammar aside, security experts say the taunts perhaps explain why so many versions of recent worms are suddenly at large. More....

 

Case Study: Protecting Intellectual Property on the Go

Enterprise Systems

by Mathew Schwartz
3/10/2004

 

Kettering Medical Center finds a solution to who sees the data, for how long, and how much data a user can view. 

 

Martin Satter, the chief positron emission tomography (PET) physicist at the Kettering Medical Center in Ohio, asked that question after his department created a sensitive medical presentation. He wanted his audience to view the browser-based presentation but not the underlying files—the hospital’s intellectual property.
Kettering offers PET, an imaging technology. Unlike x-rays or magnetic resonance imaging, which see anatomical changes, PET sees biochemical changes which can “occur before there are anatomical changes,” notes Satter. Long a research technology, PET recently became an accepted clinical tool. “It was only in 1998 that Medicare started paying for PET scans,” he says, and today Medicare covers 15 indications, all related to oncology.  More....  

The rethinking of computer security
By Jon Oltsik 

Special to ZDNet
March 10, 2004, 4:00 AM PT

COMMENTARY--The security industry is in the midst of a transition, one that promises to profoundly change the way businesses think about the subject. 
In many respects, it parallels how the creation of the Web browser reshaped people's thinking about the potential of the Internet.

Recall that the advent of the Web browser helped transform the Internet from a clubby insider research vehicle to an essential piece of the global business infrastructure. But the system also needed to become more reliable, easier to use, and better integrated into business processes before its potential could be reached. Similar demands now attend the field of information security thanks to the accelerating intersection of security and business. One sign of the changing times was on full display last month when Microsoft Chairman Bill Gates was invited to deliver the keynote speech at the RSA Security conference. Microsoft's record obviously stirs passions in the security industry, but there is little doubt that the company definitely gets it now. More.... 

We're just innocent techies, say accused spammers
By John Leyden, The Register Mar 9 2004 8:39AM

Lawyers for a Florida firm accused of inundating AOL users with spam have hit back with a motion seeking to dismiss the lawsuit. 
According to dismissal papers filed yesterday, AOL's lawsuit against Connor Miller Software in Orlando federal court is "essentially the same" as a case "dismissed" by a Virginia judge last December. 
The defendants' lawyer, Seth Berenzweig of law firm Albo & Oblon, says that Judge Claude Hilton of Virginia "concluded the technicians never sent any emails, or directed any activity to AOL's computers". 
AOL retorts that the Virginia court simply refused jurisdiction in the case, hence its decision to file suit against Connor Miller Software and its directors in their home state last month. 
According to AOL's lawsuit, Connor Miller Software conspired with Thailand-based spammers to send more than 35 million spam emails to its members. This avalanche of low-interest mortgage rate offers generated 1.5 million complaints, according to AOL. More.... 

Touching SAP Data: User Access and Biometrics
Enterprises can record when users access data in an SAP system, but biometrics makes it possible to add physical evidence to the log.
by Mathew Schwartz 3/10/2004

Biometrics: the word alone conjures the enormous post-9/11 hype over facial recognition. The promise was the technology would catch all terrorists as they moved through airports. While the hyperbole sold, the technology didn’t deliver. The Boston Globe reported in September 2003 that Boston's Logan Airport face-recognition trials were halted when error rates exceeded 50 percent. 

While biometrics isn’t a cure-all, it does have more realistic enterprise application. In an era of Sarbanes-Oxley holding CEOs accountable for their company’s financial statements, it helps to know exactly who touched the financial database, and when they touched it. Smart cards, passwords, and key fobs will record when each of those devices was used—but who was on the other end? Presumably it was the person to whom the device was issued. Without corroborating evidence, however, it’s still in question.  More....  

Why Are Virus Attacks Getting Worse?


Why have we seen so many new virus attacks in recent weeks? I believe it's because there has been little effort made by law enforcement officials to find or stop the virus authors. Maybe there is more effort coming from law enforcement than I'm observing—but if that's true, what they're doing is incredibly inefficient, and it's helping to give the green light to every black-hat coder out there. Script kiddies have gone berserk, seeing that nobody is being caught or prosecuted, and they form a unique smokescreen for the more talented culprits. The scariest aspect is that these viruses and the tricks being used to infect machines are outstandingly efficient and of high quality.

To be honest—and I know this is adding to the problem—you have to feel some admiration for the latest series of attacks. PC Magazine has covered them all in detail recently in a series written by Jay Munro and others. But what hasn't been addressed is now more important than ever: the sociology of attacks. I'm amazed by the creative and tricky ways these viruses are being planted, and how the hapless user is tricked into clicking on dopey attachments when he or she absolutely should not do so. While creative virus coders could easily devise ways to simply run code in a preview window, which would initiate problems automatically, they instead sucker the poor user into clicking on something.  More....  

Stepping Up to Sarbanes-Oxley 

When it comes to compliance, some aspects of meeting the law's requirements may fall to the IT security group.
Security Manager's Journal by Mathias Thurman 

JANUARY 26, 2004 (COMPUTERWORLD) - Most information security professionals are probably familiar with at least one of the many recent regulations that have an information security element to them. For my company, the legislation of concern is the Sarbanes-Oxley Act, which has presented new financial accounting and reporting requirements. I recently reviewed the law to see what the IT security group needed to do to ensure compliance. It was without a doubt the most boring document I've read in months. 
Besides getting bored, I also came away confused because it offered no guidance on the related information security issues. After further reading, I decided that the most important part for my group is Section 404, titled "Management Assessment of Internal Controls." This section mandates that management attest to the effectiveness of our company's "internal control" structure and procedures for financial reporting. Internal control is an extremely broad term, but I translated this section to mean that the CEO will expect my group to have sufficient controls in place to ensure the confidentiality, integrity and availability of financial and other critical information. So I came up with an initial plan to ensure compliance.  More....  

This Is Your Attacker Calling 
Protecting networks from hackers is easy compared with guarding against social-engineering attacks.
Security Manager's Journal by Vince Tuesday 

MARCH 08, 2004 (COMPUTERWORLD) - It's a network that connects over 98% of the population. It extends to every country on the planet and occasionally even into outer space. No, it's not the Internet. It's the telephone network. The phone system is a vital part of my company's information infrastructure, but it also offers a nearly perfect venue for attack. It's possible to spoof your Internet address, but not if you want packets to make their way back to you. In that case, you have to include your real address, and that means everyone between you and your target -- and the target itself -- can get your address. 
On the computer network, our intrusion-detection systems can sift through gigabytes of data every second, plucking out malicious behavior. With attacks by telephone, we don't have any easy way to trace the origin of malicious callers without involving the legal system, and we must rely on our staff to spot and report incidents. More....

Vulnerabilities

15 March 2004

- Dogpatch Software CFWebstore 5.0 Shopping Cart Multiple Vulnerabilities
- Metamail extcompose Script Symlink Vulnerability

12 March 2004

- EpicGames Unreal Engine Format String Vulnerability
- Pegasi Web Server 0.2.2 Multiple Vulnerabilities
- MyProxy 20030629 Cross Site Scripting Vulnerability

11 March 2004

- wMCam Server Denial of Service Vulnerability

10 March 2004

- Microsoft Outlook "mailto:" Parameter Passing Vulnerability
- IBM DB2 Remote Command Execution Privilege Upgrade Vulnerability
- SLWebMail Multiple Buffer Overflow Vulnerabilities
- SLMail Pro Supervisor Report Center Buffer Overflow Vulnerability
- PWebServer 0.3.3 Directory Traversal Vulnerability

09 March 2004

- WFTPD Buffer Overflow Vulnerability
- Invision Power Board SQL Injection Vulnerability
- InnoMedia VideoPhone Authorization Bypass Vulnerability

04 March 2004

- NetScreen-SA 5000 SSL VPN Appliance Series Cross Site Scripting Vulnerability
- GWeb 0.6 Directory Traversal Vulnerability
- Spider Sales Shopping Cart Multiple Vulnerabilities
- Coreutils 'dir' Integer Overflow Vulnerability

03 March 2004

- SonicWall Firewall/VPN Appliance Multiple Vulnerabilities
- YabbSE Multiple Vulnerabilities
- FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability

02 March 2004

- iG FREE Shopping Cart Multiple Vulnerabilities
- WFTPD Multiple Denial of Service Vulnerabilities
- LAN SUITE Web Mail 602Pro Multiple Vulnerabilities
- Symantec Gateway Security Management Service Cross Site Scripting Vulnerability
- Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass Vulnerability
- RealSecure/BlackICE Server Message Block Processing Overflow Vulnerability
- WinZip MIME Parsing Buffer Overflow Vulnerability
- Serv-U MDTM Command Buffer Overflow Vulnerability
- FreeChat Denial Of Service Vulnerability
- Mozilla Zombie Document Cross-Domain Vulnerability
- Trillian Multiple Remote Overflows Vulnerabilities
- BadBlue 2.4 phptest.php Path Disclosure Vulnerability
- Darwin Streaming Server Remote Denial of Service Vulnerability
- Mac OS X pppd Format String Vulnerability
- TYPSoft FTP Server 1.10 Multiple Vulnerabilities
- FlexWATCH-Webs 2.2 Authorization Bypass Vulnerability
- PhpNewsManager Remote Arbitrary File Retrieval Vulnerability
- ezBoard Cross Site Scripting Vulnerability
- Load Sharing Facility Eauth Vulnerability #2
- Load Sharing Facility Eauth Vulnerability #1
- Avirt Voice 4.0 Remote Buffer Overflow Vulnerability
- Avirt Soho 4.3 Multiple Remote Buffer Overflow Vulnerabilities

Advisories

15 March 2004

- Debian Security Advisory - New samba packages fix privilege escalation in smbmnt (DSA 463-1)
- Debian Security Advisory - New xitalk packages fix local group utmp exploit (DSA 462-1)
- Debian Security Advisory - New calife packages fix buffer overflow (DSA 461-1)
- HP Security Bulletin - HP Web-enabled Management Software certificate compromise using HP HTTP Server (SSRT4679)
- OpenPKG Security Advisory - uudeview (OpenPKG-SA-2004.006)
- SGI Security Advisory - SGI Advanced Linux Environment security update #14 (20040302-01-U)

12 March 2004

- cPanel Security Advisory - CPANEL-2004:01-01
- SOT Linux Security Advisory - Updated gdk-pixbuf package for SOT Linux 2003 (SLSA-2004:6)

11 March 2004

- US-CERT Technical Cyber Security Alert TA04-070A -- Microsoft Outlook mailto URL Handling Vulnerability
- Microsoft Office Security Bulletin Summary for March 2004 (Revised)
- Debian Security Advisory - New sysstat packages fix insecure temporary file creation (DSA 460-1)
- Debian Security Advisory - New kdelibs, kdelibs-crypto packages fix cookie traversal bug (DSA 459-1)
- Mandrakelinux Security Update Advisory - kdelibs (MDKSA-2004:022)
- Mandrakelinux Security Update Advisory - mozilla (MDKSA-2004:021)
- Mandrakelinux Security Update Advisory - gdk-pixbuf (MDKSA-2004:020)
- Red Hat Security Advisory - Updated sysstat packages fix security vulnerabilities (RHSA-2004:093-01)
- Red Hat Security Advisory - Updated gdk-pixbuf packages fix denial of service vulnerability (RHSA-2004:102-01)
- Red Hat Security Advisory - Updated kdelibs packages resolve cookie security issue (RHSA-2004:075-01)

10 March 2004

- Debian Security Advisory - New python2.2 packages fix buffer overflow (DSA 458-1)
- Mandrakelinux Security Update Advisory - python (MDKSA-2004:019)
- Netwosix Linux Security Advisory - libxml2 (2004-0004)
- Microsoft Security Bulletin MS03-22 - Vulnerability in ISAPI Extension for Windows Media Services Could Cause Code Execution (822343)
- Microsoft MSN Products Security Bulletin Summary for March 2004
- Microsoft Security Updates Summary For March 2004
- Microsoft Office Security Bulletin Summary for March 2004
- Microsoft Windows Security Bulletin Summary for March 2004

09 March 2004

- NetScreen Advisory - XSS Bug in NetScreen-SA SSL VPN (58412)
- Debian Security Advisory - New wu-ftpd packages fix multiple vulnerabilities (DSA 457-1)
- OpenPKG Security Advisory - mutt (OpenPKG-SA-2004.005)
- OpenPKG Security Advisory - libtool (OpenPKG-SA-2004.004)

08 March 2004

- Gentoo Linux Security Advisory - Linux kernel do_mremap local privilege escalation vulnerability (GLSA 200403-02)
- Gentoo Linux Security Advisory - Libxml2 URI Parsing Buffer Overflow Vulnerabilities (GLSA 200403-01)
- Trustix Secure Linux Security Advisory - libxml2 (2004-0010)
- Trustix Secure Linux Security Advisory - nfs-utils (2004-0009)
- Debian Security Advisory - New Linux 2.2.19 packages fix local root exploit (arm) (DSA 456-1)
- OpenPKG Security Advisory - libxml (OpenPKG-SA-2004.003)

05 March 2004

- Cisco Security Advisory - Cisco CSS 11000 Series Content Services Switches
- HP Security Bulletin - SSRT3674 Tru64 UNIX IPsec/IKE Potential Remote Unauthorized Access (SSRT3674)
- SOT Linux Security Advisory - Updated libxml2 package for SOT Linux 2003 (SLSA-2004:5)
- SCO Security Advisory - OpenLinux: cups denial of service vulnerability (CSSA-2004-012.0)

04 March 2004

- SCO Security Advisory - OpenLinux: screen buffer overflow (CSSA-2004-011.0)
- SCO Security Advisory - OpenLinux: rsync heap based overflow (CSSA-2004-010.0)
- SCO Security Advisory - OpenLinux: Gnupg (gpg) severe bug could compromise almost all ElGamal keys (CSSA-2004-009.0)
- SCO Security Advisory - OpenLinux: Tcpdump flaws in ISAKMP (CSSA-2004-008.0)
- SGI Security Advisory - SGI Advanced Linux Environment security update #13 (20040301-01-U)
- Mandrakelinux Security Update Advisory - libxml2 (MDKSA-2004:018)
- Mandrakelinux Security Update Advisory - pwlib (MDKSA-2004:017)
- Debian Security Advisory - New libxml packages fix arbitrary code execution (DSA 455-1)

03 March 2004

- Fedora Legacy Update Advisory - Updated kernel resolves security vulnerabilities (FLSA:1284)
- FreeBSD Security Advisory - many out-of-sequence TCP packets denial-of-service (FreeBSD-SA-04:04.tcp)
- Red Hat Security Advisory - Updated libxml2 packages fix security vulnerability (RHSA-2004:091-02)
- SCO Security Advisory - OpenLinux: Integer overflow may allow local users to cause a denial of service or possibly execute arbitrary code (CSSA-2004-006.0)
- SOT Linux Security Advisory - Updated mutt package for SOT Linux 2003 (SLSA-2004:4)
- Debian Security Advisory - New Linux 2.2.22 packages fix local root exploit (alpha) (DSA 454-1)

02 March 2004

- Mandrakelinux Security Update Advisory - MDKSA-2004:015-1 (kernel)
- Mandrake Linux Security Update Advisory - mtools (MDKSA-2004:016)
- Mandrake Linux Security Update Advisory - kernel (MDKSA-2004:015)
- FreeBSD Security Advisory - Jailed processes can attach to other jails (FreeBSD-SA-04:03.jail)
- Debian Security Advisory - New Linux 2.2.20 packages fix local root exploit (i386+m68k+powerpc) (DSA 453-1)
- Debian Security Advisory - New libapache-mod-python packages fix denial of service (DSA 452-1)
- Debian Security Advisory - New xboing packages fix buffer overflows (DSA 451-1)
- Immunix Secured OS Security Advisory - kernel (IMNX-2004-7+-001-01)
- SmoothWall Project Security Advisory - Linux kernel (SWP-2004:002)
- nCipher Security Advisory No. 9 - Host-side attackers can access secret data
- Netwosix Linux Security Advisory - linux kernel (2004-0003)
- Netwosix Linux Security Advisory - fetchmail (2004-0002)

 

 

 

Security Products:

 

PestPatrol is a powerful security and personal privacy tool that detects and eliminates destructive pests like trojans, spyware, adware and hacker tools. It complements your anti-virus and firewall software, extending your protection against non-viral malicious software that can evade your existing security and invade your personal privacy. These pests often lurk silently on your computer until something – or someone – sets them off. When that happens, you could lose passwords, personal data, credit card numbers, and - if you telecommute and connect to your office via a VPN - open up a back door for the hacker into your entire company network.

 

Intrusion Detection Systems

- Intruvert

Vulnerability Scanners

- eEye's Retina

Firewalls

- Netscreen
- Checkpoint

Management

- SolarWinds

Virus Control

- Mail Marshall

Services

- Security audit
- Perimeter Vulnerability Scan
- Router/switch optimization for security
- Firewall checking and configuration
- VPN Design and Implementation
- Network design
- Network-based application analysis
- Network Baselining
- Security baselining

 

 


 

Copyright © 2003 Aavex Technology