Free Republic

A computer worm attack that shut down bank ATM terminals and disrupted Internet servers throughout the world may have been part of an al Qaeda terrorist threat to test the vulnerability of computer systems that serve U.S. financial interests, computer security experts say."Like the 9-11 attacks, the 'Slammer' worm was aimed at the heart of the U.S. financial community," says Leo Roth, a computer security analyst who advises the federal government. "For at least part of the weekend, a number of U.S. financial institutions were virtually shut down."Those affected include the giant Bank of America, whose nationwide ATM network went...

ThomasRegional.com ®  Industrial Market Trends U.S. Power Grid Vulnerable to Cyberattacks It’s a frightening scenario—a hacker getting into the U.S. electrical grid to cut off millions of people—and it’s far from inconceivable. In fact, it’s easy for a terrorist, a vindictive employee or even a bored teenager to tap into and disrupt the control systems that operate industrial facilities. And this vulnerability is widespread—from natural gas pipelines to nuclear plants and water systems. The country’s utilities and factories all run on similar industrial control systems, none of which were designed with security as a consideration. What’s more, their very...

Senate Blocks Funding for Pentagon Database WASHINGTON (Reuters) - Saying they feared government snooping against ordinary Americans, U.S. senators voted on Thursday to block funding for a Pentagon (news - web sites) computer project that would scour databases for terrorist threats. By a voice vote, the Senate voted to ban funding for the Total Information Awareness program, under former national security adviser John Poindexter, until the Pentagon explains the program and assesses its impact on civil liberties. The measure, introduced by Sen. Ron Wyden, an Oregon Democrat, also said the computer dragnet being developed could not be deployed without congressional...

Just thought I'd give this little PSA since I'm such a nice guy.Many of you are already familiar with Lavasoft's AdAware, but you may not be familiar with SpyBot Search & Destroy, which is actually more powerful and more up-to-date. Lavasoft hasn't updated their definition file since September because they're working on a new release, so it won't clean newer spyware creations like CommonName. I would keep AdAware however. It's still very useful. SpyBot also has a lot of other cool functionality built into it, like a clean on startup in case you are unable to remove the spyware's .exe...

Opinion A lot has happened since my Right to Defend column in SecurityFocus Onlinr last July, and the subsequent presentation I made at the Blackhat Security Briefings in Las Vegas. The idea has withstood a lot of criticism. To refresh, I believe you should have the right to neutralize a worm process running on someone else's infected system, if it's relentlessly attacking your network. I've even written code to demonstrate the process. Though the initial news coverage of the concept was grossly inaccurate in conveying my ideas, it has stirred up a constructive dialog. I knew my idea was...

CBSNEWS: Haunted By Ghosts Of Hard Drives PastSimson Garfinkel, a graduate student at the MIT's Laboratory for Computer Science, holds a used hard drive he bought containing personal information. (AP)Haunted By Ghosts Of Hard Drives Past CAMBRIDGE, Mass., Jan. 16, 2003 "People will think they have deleted the file, they can't find the file themselves and that the file is gone when, in fact, forensically you may be able to retrieve it." Tom Aleman Deloitte & Touche (AP) So, you think you cleaned all your personal files from that old computer you got rid of? Two MIT graduate students suggest...

Money machine error leads to endless flow of free cash. Then the police came.   Nick Britten The Daily Telegraph Thursday, January 16, 2003 A British financial institution lost more than $2.5-million after a computer error on its cash machines allowed customers to withdraw unlimited amounts of money. As word spread about the giveaway at the building society -- a sort of credit union -- lineups formed outside some of the machines and the blunder went undiscovered for five days, allowing people to return up to 20 times and take thousands of pounds in illegal withdrawals. When police caught up...

CAMBRIDGE, Mass. -- Computer hard drives are a lot tougher than you might think. Two grad students at the Massachusetts Institute of Technology say they've been able to retrieve a lot of data from dozens of second-hand computers. In a study, they bought dozens of used hard drives at computer shops and on eBay. They say 49 of the hard drives contained information ranging from credit-card numbers to love letters and pornography. They say merely deleting files from a hard drive -- or even taking a sledgehammer to it -- doesn't necessarily do the trick. Experts say the only sure...

HELEN JUNG, AP Business WriterTuesday, January 14, 2003 ©2003 Associated Press URL: http://www.sfgate.com/cgi-bin/article.cgi?f=/news/archive/2003/01/14/financial2108EST0385.DTL (01-14) 18:08 PST SEATTLE (AP) -- Microsoft Corp. said Tuesday it will make its prized source code for its Windows operating system available to several governments and governmental agencies, as it tries to stem defections to competitors' software. The software company has already signed agreements with the Russian government and NATO to allow them to review for free the underlying programming instructions that Microsoft has long guarded as secret intellectual property. The decision will let governments evaluate for themselves the security of the Windows platform, Microsoft said....

CBS) It could be one of the largest identity thefts ever. The Federal Trade Commission says sometime earlier this month computer hard drives containing more than 500,000 medical records were swiped at an Arizona company that does health care work for the Pentagon. The Defense Department is computerizing the medical records of all military personnel and their families, but just as the project gets past the experimental phase officials are grappling with the theft of thousands of records from a Pentagon health care contractor. Those records include Social Security numbers, medical claims histories, some credit card numbers, and other private...

'Big brother' data for entire town stolen FUKUSHIMA -- Private information on all 9,600 residents of Iwashiro, Fukushima Prefecture, complete with 11-digit resident registry numbers, has been stolen by a burglar, it was learned Saturday. Backups containing the sensitive data were one of the items swiped from a car belonged to a private company that the Iwashiro Municipal Government entrusted to manage its controversial resident registry network system. Masataka Ito, head of an Iwashiro government section in charge of the registry network, tried to play down the magnitude of the problem. "The backups cannot be decoded without specific tools designed...

<p>A notorious computer hacker has threatened to launch the most destructive computer virus the Internet has seen if the United States invades Iraq.</p> <p>Vladimor "Melhacker" Chamlkovic, 23, a Malaysia-based computer-geek who named a previous virus after Osama bin Laden, told The Post he has developed a new super virus.</p>

Thieves who broke into a government contractor's office snatched computer hard drives containing Social Secu rity numbers, addresses and other records of about 500,000 service members and their families. The company, Phoenix-based TriWest Healthcare Alliance, provides managed health care to the military in 16 s tates, including Utah. It serves about 1.1 million active-duty personnel, their dependents and retirees. TriWest spokesman Jim Kassebaum said computer equipment stolen from a TriWest office in Phoenix on Dec. 14 c ontained names, addresses, phone numbers, medical claim histories, and Social Security numbers for beneficiaries in its central region, which covers the central United...

The White House scrambled over the weekend to alleviate privacy violation fears raised by its proposal to build a monitoring system as an "early warning center" to track Internet use in the U.S. The proposal is part of the final version of "The National Strategy to Secure Cyberspace," expected to be released in early 2003. According to reports last week, the Bush Administration would require Internet service providers (ISPs) to build the system and to track their users. Few details were released by the White House. The proposal immediately raised concerns from privacy advocates who said the idea may cross...

WASHINGTON (Reuters) - Efforts to bolster Internet security will not lead to increased government scrutiny of individuals' online habits, the White House and industry sources said on Friday. As it finalizes sweeping guidelines that aim to increase cybersecurity, the Bush administration said individual privacy would not be affected by efforts to prevent cyberattacks. "The administration is not considering a proposal to monitor what individuals do on the Internet," a spokesman for the Department of Homeland Security said. High-tech companies, meanwhile, said they would resist government efforts to get involved in the day-to-day operation of the global computer network. In a...

U.S. to propose Net monitor system NEW YORK, Dec. 20 — The White House wants Internet service providers to help create a system to monitor Internet use, the New York Times reported on Friday. THE SYSTEM COULD be potentially be used for surveillance of Internet users, the Times said. The Bush administration plans to submit the proposal in a report, “The National Strategy to Secure Cyberspace,” which will be released early next year, the newspaper said, citing several people who have been briefed on the report.

The Bush administration is planning to propose requiring Internet service providers to help build a centralized system to enable broad monitoring of the Internet and, potentially, surveillance of its users. The proposal is part of a final version of a report, ``The National Strategy to Secure Cyberspace,'' set for release early next year, according to several people who have been briefed on the report. It is a component of the effort to increase national security after the Sept. 11, 2001, attacks. The president's Critical Infrastructure Protection Board is preparing the report, and it is intended to create public and private...

Worried about outsiders breaking into your network? Don't overlook your own employees. Just ask Autotote, where a software developer almost stole a $3 million jackpot. Serious handicappers betting on ponies know they're always bucking the odds.But the rigging of the Pick Six payoff at the Breeder's Cup championship showed how trusted insiders can manipulate networks to steal from unsuspecting bettors—long before the horses get to the gate. The million-dollar fiasco is not an isolated problem. The truth is, any company that handles financial transactions or valuable information electronically runs the risk of being fleeced by its own technology staff—or users....

  Senate Closes Accidental AnonymizerBy Kevin Poulsen, SecurityFocus Dec 10 2002 1:24PMNever let it be said that the United States Senate has done nothing for Internet privacy. Network administrators for the U.S. government site www.senate.gov shut down an open proxy server over the weekend that for months had turned the site into a free Web anonymizer that could have allowed savvy surfers to launder their Internet connections so that efforts to trace them would lead to Capitol Hill. A proxy server is normally a dedicated machine that sits between a private network and the outside world, passing internal users'...

By Declan McCullagh Nov. 22 — A Defense Department agency recently considered—and rejected—a far-reaching plan that would sharply curtail online anonymity by tagging e-mail and Web browsing with unique markers for each Internet user. The idea involved creating secure areas of the Internet that could be accessed only if a user had such a marker, called eDNA, according to a report in Friday’s New York Times.