30 December 2004 - Corporate Executives Engaging in CyberCrime
Corporate America faces a new kind of cracker. Information-technology
managers and chief technology officers, the people charged with
safeguarding corporate networks, are engaging in acts of digital
espionage. In the past two years, a half-dozen cases have hit
the courts, charging that technology executives have broken into
the computer systems of a rival. Keep the fingers of your competitors
off secrets you now store on hard drives and servers.
December 2004 - Dutch Regulator Slaps Fines on Spammers
Dutch telecommunications regulator OPTA has imposed large fines
on three spammers; the Netherlands banned unsolicited email to
consumers in May, 2004. The fines ranged from 20,000 Euros to
42,500 Euros (approximately US$27,000 to US$57,000). One of the
scams used SMS (short messaging service) to send mail to mobile
phones. People who opened the mail were automatically charged
1.1 Euros (US$1.49). OPTA is coordinating an information sharing
effort within the EU to help cut down the volume of
spam; eight of 25 EU member nations have signed up for the program.
December 2004 - AOL Reports Significant Drop in Spam Volume
America Online said that it has seen spam drop significantly to
its customers. The average number of spam emails blocked daily
dropped from 2.4 billion in 2003 to 1.2 billion in late 2004.
AOL received 2.2 million spam complaints in November 2004, compared
with 11 million in November 2003. AOL users report spam by clicking
a "report spam" button. AOL says that anti-spam legislation,
along with its spam filtering tools, is responsible for the decline
in volume. Other Internet providers say they have not seen a decrease
in the amount of spam on their networks over the past year; this
may be attributable to AOL's aggressive stance regarding legal
action against spammers.
December 2004 - Iowa Man Pleads Guilty in Piracy Case
Jathan Desir, a 26-year-old Iowa man, has pleaded guilty to copyright
infringement and conspiracy to commit copyright infringement for
his part in a piracy operation that distributed music, games,
software and movies over the Internet. Desir will be sentenced
on March 18, 2005, and will face up to 15 years in prison. Desir
was caught through Operation Fastlink, which aims to curb digital
piracy on an international level. http://news.zdnet.com/2102-3513_22-5505610.html?tag=printthis
December 2004 - The Dirty Dozen Spamming Countries of 2004
Did you know that over 40% of all spam is sent from innocent third
party computers? Find out where the computers are around the world
which are spewing out the most spam in this report from Sophos,
and how you can ensure you are not adding to the problem.
21 December 2004 - Judge Refuses Guilty Plea in eMail Address
US District Judge Alvin Hellerstein refused to accept a guilty
plea from Jason Smathers, a former AOL employee who allegedly
stole and sold 92 million email addresses to spammers. Despite
the fact that Smathers had reached a plea agreement with federal
prosecutors, the judge said he was not convinced that Smathers
had deceived anyone by his actions. He cannot be prosecuted under
the CAN-SPAM Act if he did not intend to deceive anyone.
21 December 2004 - Blood Bank Informs Donors of Possible Personal
A California blood bank has sent letters to donors whose personal
information may have been compromised after one of the bank's
laptop computers was stolen. The information is protected by a
password and a series of steps necessary to open the database.
A California law requires organizations to notify customers whose
data may have been compromised in the event of a security breach.
The company has said it will no longer collect social security
numbers from donors and that it will revise the way it "handles
computer hardware and other sensitive equipment."
December 2004 - Judge Awards Iowa ISP Damages in Spam Cases
A judge in Iowa has awarded a small ISP more than US$1 billion
in damages in a default judgment against three alleged spammers.
The enormous sum was determined under an Iowa law that levies
a $10 fine for
each spam email sent. It is unlikely the plaintiff will recover
any of the awarded damages.
December 2004 - Lowe's Wardrivers Sentenced
Two men who broke into Lowe's wireless computer network and tried
to steal customer credit card numbers have received prison sentences
for their crimes. Though Brian Salcedo could have received a sentence
of up to 15 years under federal guidelines, his sentence was reduced
to 9 years because he helped Lowe's address the security problems
he had exploited. Adam Botbyl, an accomplice, received a 26-month
sentence to be followed by 2 years of court supervised release.
By compromising a Lowe's store wireless network in Southfield,
Michigan, the men were able to access the company's central
computer system and other systems around the country. Salcedo's
sentence is the harshest ever handed down for a cyber crime in
the United States.
December 2004 - Phishing Attacks Increase in November
A newly released report from the Anti-Phishing Working Group says
that phishing attacks were up 29% in November, nearly a third
higher than the figure for October. EarthLink and MSN were both
highly targeted in November. The US accounted for 27% of phishing
sites; China accounted for 21%.
16 December 2004 - Australian Police Allowed to Use Spyware
to Gather Evidence
Australian legislators recently passed The Surveillance Devices
Act, allowing law enforcement to use backdoor and keystroke-logging
programs to gather evidence against suspected criminals. The warrants
to use the technology would be granted in cases where the offense
being investigated carries a sentence of three or more years.
Some critics of the act are concerned that it gives law enforcement
too much power; others are concerned that it conflicts with parts
of the country's Telecommunications Interception Act. Still others
fear that evidence gathered under the act would not be admissible
in court, as the computer in question has already been compromised
in order to install the spyware.
December 2004 - Healthcare Security group to Release HIPAA Compliance
The Healthcare Security Workgroup says it will release guidelines
to help health care organizations comply with the data security
requirements established by the Health Insurance Portability and
Accountability Act (HIPAA). The security provisions of the Act
take effect in April 2005.
December 2004 - Judge Throws Out Maryland's Anti-Spam Law
A Maryland judge has ruled the state's anti-spam law is unconstitutional
and tossed out a suit against a New York e-mail marketer, saying
the state law seeks to regulate commerce outside Maryland's borders.
13 December 2004 - CAN-SPAM Has Not Reduced Spam Volume
The CAN-SPAM Act, which went into effect nearly one year ago,
has had no effect on the amount of spam in people's mailboxes;
in fact, spam volume has increased. Part of the reason for its
apparent lack of efficacy is that it relies on an opt-out model
that is counterproductive. CAN-SPAM has, however, provided a framework
to prosecute spammers. The Federal Trade Commission has filed
5 lawsuits under the act, and two states, Massachusetts and Washington,
have each filed one suit under the act.
December 2004 - Man Sentenced to 7 Years in Prison for DirecTV
Martin Mullen has received a 7-year prison sentence after pleading
guilty to conspiracy to violate anti-piracy laws. Mullen apparently
ran an organization that sold smart cards that had been tampered
with to allow people to view DirecTV without paying. Mullen was
also ordered to pay US$24 million to DirecTV and NDS Ltd., the
company that makes the smart cards. Interestingly, NDS engineers
are working to crack a memory stick that was seized from Mullen
when he was arrested; the assistant US Attorney who prosecuted
Mullen says the government gave the memory stick and some other
evidence to NDS because the government did not have the facilities
to analyze the equipment.
December 2004 - Digital PhishNet Will Channel Phishing Information
to Law Enforcement
A group of ISPs, technology companies, banks and law enforcement
agencies have come together to help in the fight against phishing.
Called Digital PhishNet, the group's aim is to gather information
about phishing schemes as they occur and expedite the process
of getting that information to appropriate law enforcement agencies.
December 2004 - Trojan Horse Program Pretends to be Lycos Anti-Spam
A keystroke-logging Trojan horse program, known as Mdropper-IT,
has been circulating on the Internet in the guise of being Lycos
Europe's anti-spam screensaver that has recently garnered attention.
It arrives as an attachment and steals passwords, usernames, credit
card details and other sensitive personal data. Lycos Europe stopped
its campaign on December 3, 2004 due to criticism that the screensaver's
were responsible for knocking sites offline.
December 2004 - Internet Users Concerned About eCommerce and Banking
A survey of 5,000 adult Internet users conducted by Gartner found
a growing concern with the lack of security on banking and e-commerce
web sites. More than 80% of the people surveyed said they would
be more likely to purchase from sites that require more than usernames
and passwords for account protection. Given choices among additional
authentication technologies, respondents favored the simple, such
as challenge and response features, over the more complex, such
as security software downloads and multi-factor authentication
like smartcards and USB tokens.
November 2004 - Cyber Attacks Are All About Money: Q&A with
FBI's Dave Thomas
Dave Thomas oversees the FBI's counter-terrorism and criminal
computer intrusion investigations. He provides a candid picture
of what the FBI is seeing in new types of attacks. He talks about
who is committing cyber crimes, where they are coming from geographically
and what is being done to prevent the crimes. Cyber criminals
are increasingly motivated by financial gain rather than mere
notoriety. "It used to be about access, but it's all about
November 2004 - Phishing Victims Still Learning the Hard Way
A compelling series of three articles about phishing that includes interviews
with nearly a dozen phishing victims underscores the rampant growth
of these attacks and what steps are being taken to mitigate the
[Editor's Note (SANS): It is extraordinary that the Washington
Post.com journalists were able to find actual victims willing
to discuss what happened. Their stories bring the problem to life
for readers. If you have security awareness training in your organization,
these stories will be great handouts.]
November 2004 - New Sober Variant Spreading Rapidly
A new variant of the Sober worm began spreading late last week.
Sober arrives in an email attachment and uses its own SMTP engine
to spread to other email addresses it finds on the infected computer.
Machines running Windows 95, 98, ME, NT, XP, 2000 and 2003 are
vulnerable. It places two copies of itself on machines it infects.
17 November 2004 - FTC Alleges Mortgage Companies Violated
The Federal Trade Commission has issued an administrative complaint
against one mortgage company and has reached a settlement agreement
with another regarding charges both violated the Gramm-Leach-Bliley
Act's Safeguard Rule. The rule requires financial companies to
provide reasonable protection for customers' personal and financial
November 2004 - Porno Trojan Preys on Sleazy Web Surfers
The Troj/Delf-IT Trojan horse redirects web browsers to a pornographic
website. The Troj/Delf-IT Trojan horse lurks in the background
on infected PCs, waiting for the user to visit webpages which
contain one of various adult phrases in their title. http://www.sophos.com/virusinfo/articles/delfit.htm
November 2004 - Spammer's Trial Reveals Mailing List Sources
Over the course of Jeremy Jaynes's trial, details emerged about
the spammer's activities. His mailing lists were a stolen AOL
customer database and an eBay customer database. He sent out 10
million emails a day on 16 high speed lines. http://www.informationweek.com/shared/printableArticle.jhtml?articleID=52601698
November 2004 - UK Online Bank Accounts Put at Risk by Trojan
Security researchers at Sophos have warned of a Trojan horse which
helps criminals break into the accounts of British internet banking
November 2004 - Alleged Phisher Arrested in Boston
Boston police have arrested an alleged phishing scam artist. Andrew
Schwarmkoff has been arraigned on counts of fraud, larceny, identity
theft and receiving stolen goods. Schwarmkoff, who is alleged
to be a Russian mobster, was ordered held in lieu of US$100,000
November 2004 - Bofra-B worm poses as PayPal credit card purchase
Anti-virus experts at Sophos have warned users to be wary of unsolicited
emails appearing to come from PayPal, as they may be luring the
unwary into being infected by the W32/Bofra-B worm. The worm sends
emails pretending to be notification from PayPal of a $175 credit
card purchase. Find out what the emails look like now, and ensure
you are protected. http://www.sophos.com/virusinfo/articles/bofrab.html
8 November 2004 - BSA to Double Reward Cap for UK Whistleblowers
The Business Software Alliance has announced that it is doubling
the maximum reward it offers to people who inform them about UK
companies using pirated software. Whistleblowers will now receive
10% of the face value of the software recovered up to GBP20,000.
November 2004 - Study Shows IT Security Professionals Will Number
2.1 Million by 2008
A study conducted by IDC projects that the number of IT security
professionals worldwide will increase to 2.1 million by 2008,
a compound annual growth rate of 13.7% from 2003. In addition,
the study found that 93% of managers responsible for hiring security
staff consider certifications to be important.
November 2004 - Internet Scam "Mastermind" Sentenced
An Australian judge has sentenced Nick Marinellis to at least
four years in jail for "masterminding" a Nigerian 419
scam in which he stole approximately AU$5 million (approximately
US$3.78 million) from his victims. Marinellis will not be eligible
for parole until February 28, 2008.
November 2004 - Stolen Computers Contain Wells Fargo Customer
Four computers stolen from Regulus Integrated Solutions LLC's
Atlanta office contain names, addresses, social security and account
numbers belonging to thousands of Wells Fargo student loan and
mortgage customers. Wells Fargo has notified affected customers
by mail and is offering a free year of its credit monitoring service.
November 2004 - DDoS Boss on FBI's Most Wanted List
Saad "Jay" Echouafni, who allegedly hired people to
launch distributed denial of service attacks against business
competitors, has been placed on the FBI's most wanted list after
he apparently skipped bail, possibly fleeing to his home country
of Morocco. He is a fugitive from a five-count federal indictment.
Five men Echouafni allegedly hired to
orchestrate and conduct the attacks are headed for federal court.
November 2004 - Univ of Texas Student Indicted on Fraud Charges
for Alleged Data Theft
A federal grand jury has indicted Christopher Andrew Phillips,
a former University of Texas student, on charges he broke into
the university's computer system and stole personal data belonging
to more than 37,000 students, faculty and staff. Phillips's attorney
maintains his client had no criminal intent, that he did not use
any "hacking tools" and that the school's computer system
was not posted with "Do Not Enter" signs.
November 2004 - New Phishing Tactic is Stealthy
MessageLabs has reported seeing what could become a new twist
in phishing scams. These emails contain a script that, once the
email is opened, rewrites host files to automatically redirect
users to phishing sites when they attempt to visit legitimate
banking sites. Traditionally, phishers' emails have required victims
to open an email
and then click on a link to the fraudulent web site. The only
banks that have been targeted thus far are three Brazilian banks.
Users can protect themselves from this particular attack by disabling
Windows Scripting Host.
4 November 2004 - Siblings Convicted of Spamming
Jeremy Jaynes and Jessica DeGroot have been convicted of sending
thousands of spam emails to AOL subscribers through the company's
servers in Virginia. The jury recommended that Jaynes receive
a 9-year prison sentence and that DeGroot, his sister, be fined
US$7,500; they will be formally sentenced early next year. A third
defendant in the
case was found not guilty.
1 November 2004 - Top ten viruses and hoaxes reported for October
Find out which viruses dominated the charts in the month of October,
and which email hoaxes continue to be spotted
by users around the world.
October 2004 - Two Oxford Students Suspended for Computer Network
Oxford University's Court of Summary Jurisdiction has suspended
two students on charges of breaking into the school's computer
network. Patrick Foster and Roger Waite wrote of their activities
in the Oxford Student newspaper, maintaining they wanted to expose
the security weaknesses in the computer system. The two feel the
punishment is too harsh and say they will appeal the decision.
October 2004 - Secret Service Undercover Investigation Nets 28
Alleged Identity Thieves
A US Secret Service undercover investigation code-named Operation
Firewall led to the arrest of 28 people in seven countries on
charges of identity theft, computer fraud, credit card fraud and
conspiracy. The group allegedly stole 1.7 million credit card
numbers and forged numerous identity-related documents, such as
licenses, birth certificates and passports. http://www.theregister.co.uk/2004/10/29/operation_firewall/print.html
October 2004 - Three Alleged AOL Spammers on Trial in Virginia
Three people are on trial in Virginia for allegedly using false
identities to send millions of unsolicited commercial emails to
AOL customers. Though the defendants are from North Carolina,
the trial is in Virginia, the physical location of AOL's servers.
Virginia has the harshest anti-spam law in the country; if the
three are convicted of the charges against them, they could face
up to 15 years in prison.
October 2004 - Company Tries to Gain Competitive Edge Through
In an example of what attorney Mark Rasch says is a growing trend
of cyber intrusion for profit, Getloaded.com accessed information
on Truckstop.com's web site, without authorization. Truckstop.com
had established a solid business of finding loads for long haul
truck drivers so they don't have to make return trips with empty
Getloaded.com wanted a piece of the action. Judge Andrew J. Kleinfeld
issued an opinion for the United States Court of Appeals for the
October 2004 - Average Home User's PC Rife with Spyware, Weak
A survey from America Online and the National Cyber Security Alliance
found that the average home user's PC is not as secure as its
owner may think. The survey included an inspection of the computers
belonging to 329 respondents. Despite the fact that 77% of the
participants said they believed they were protected from security
threats, two-thirds lacked the combined protection of current
antivirus software and a firewall, though 85% do have anti-virus
software installed. 72% used their computers to conduct sensitive
personal business, such as banking or the transmission of medical
information. The inspections of the computers found 80% contained
multiple spyware programs, and 20% were infected with a virus.
October 2004 - Red Hat Warns of Phony Patch Messages
Red Hat has published a warning about phony security alerts circulating
on the Internet; the messages purport to be a Red Hat patch for
a critical vulnerability but in fact contain malicious code. Red
Hat says all updates from them are digitally signed and that the
signature should be verified before anything is installed.
October 2004 - Malware Targets Mac OS X
The Opener or Renepo-A malware is a Mac OS X rootkit that includes
a keystroke logger and backdoors. Opener is a shell script requiring
superuser privileges for installation and is not spreading.
October 2004 - Judge Issues Restraining Order Against Alleged
US District Judge Joseph DiClerico has issued a restraining order
against Stanford Wallace, known as the "Spam King,"
and his companies, ordering them to disable spyware programs.
A hearing is scheduled for November 9, 2004.
October 2004 - Seoul Government Bans Internet [Instant] Messenger
The Seoul (South Korea) Metropolitan Government has prohibited
its employees from using Internet [instant] messaging, chat services
and "connections to harmful Internet sites" in order
to guard against information leaks. ("protect internal information")
October 2004 - Brazil police arrest over 50 in phishing Trojan
Federal police in Brazil have arrested more than 50 people for
stealing money from internet bank accounts with a series of phishing
Trojan horses. In the region of $30 million is said
to have been stolen from online banking customers. http://www.sophos.com/virusinfo/articles/brazilarrest.html
October 2004 - Singapore Likely to Increase Penalties for Piracy
Singapore's parliament is considering amendments to the country's
Copyright Act which would impose a maximum sentence of 6 months
in jail and a fine of S$20,000 (US$12,000) for people convicted
of Internet piracy for the first time. Repeat offenders would
face three years in jail and fines of S$50,000 (US$30,000). The
amendments are likely to pass in mid-November and become law on
January 1, 2005.
October 2004 - ID theft, phishing altering online habits
Consumers, increasingly fearful of identity theft, want more security
before they'll engage in online banking and other Internet-based
services, according to a survey released Tuesday.
October 2004 - Man sentenced to 2 1/2 Years in Prison for Accessing
Daniel Baas has been sentenced to 2 1/2 years in prison for breaking
into business and law firm computer systems to access legal documents,
financial data and other material that he copied for himself.
Baas pleaded guilty to unauthorized computer access. Baas is also
awaiting sentencing for his role in breaking into Acxiom Corp.'s
October 2004 - 12 Arrests Made in Hong Kong Phishing Scheme
Law enforcement officials have arrested 12 people in connection
with a phishing scheme in Hong Kong that allegedly resulted in
the loss of HK$600,000 (approximately US$77,000). Six of the suspects
have been charged with theft and face sentences of up to 10 years
in jail if they are convicted.
October 2004 - NZ Health Ministry Official Sentenced to 3 Years
in Jail for Cyber Theft
New Zealand Health Ministry employee John Denison has been sentenced
to 3 years in jail for breaching the security of the Ministry's
banking system and diverting $2.15 million to his own account,
established with fictitious documents. Wellington District Court
Judge Robert Kerr has suppressed details of Mr. Denison's attack.
October 2004 - UK Court Charges Four in Large Phishing Scheme
A London court has charged four Eastern European people with phishing,
marking the first case in which charges have been brought against
people for phishing, according to Britain's National Hi-Tech Crime
Unit (NHTCU). The four, who allegedly defrauded banks of a considerable
amount of money, are scheduled to appear at a preliminary hearing
on October 21.
October 2004 - Business Software Alliance Annual Sweep Brings
The Business Software Alliance's most recent anti-piracy sweep
netted more than US$2.2 million in out-of-court settlements with
25 companies. The watchdog group seeks out companies that are
using software in violation of licensing agreements and copyright
laws. The money will be put toward educational initiatives, such
as a campaign aimed at children to discourage them from using
peer-to-peer networks for trading copyrighted material. http://news.zdnet.com/2102-3513_22-5406668.html?tag=printthis
October 2004 - DOJ Would Like to See Intellectual Property Laws
The US Department of Justice released a report singing the praises
of both the Piracy Deterrence and Education Act, which makes it
a crime to use certain file sharing products, and the Induce Act,
which would allow lawsuits to be brought against companies whose
products "induce" people to illegally trade copyrighted
materials. The DoJ report calls for significant changes to US
intellectual property law, maintaining that piracy through peer-to-peer
file sharing networks is a significant problem.
October 2004 - Funner Worm
The Funner worm spreads by sending itself to contacts it finds
in Microsoft's MSN Messenger; it then modifies the registry and
overwrites hosts file entries.
October 2004 - Alleged Spammer Settles Case with Massachusetts
DC Enterprises and its owner William Carson have settled a case
brought by Massachusetts Attorney General Tom Reilly alleging
that the company and Carson violated the CAN-SPAM Act and the
Massachusetts Consumer Protection Act by sending out unsolicited
commercial email that did not provide valid opt-out provisions.
The case is the first to be brought under CAN-SPAM in the state
of Massachusetts. Carson and DC Enterprises will pay US$25,000
and will cease to violate the CAN-SPAM Act and Massachusetts mortgage
broker and advertising laws. http://news.zdnet.com/2102-9588_22-5406062.html?tag=printthis
October 2004 - South Korean Police Arrest Prolific Cyber Criminal
The Cyber Terror Response Center of South Korea's National Police
Agency has arrested a man who allegedly broke into 1,152 computer
systems since March 2003. The man, who has been identified only
as Lee, used to work at an information security company. Police
are investigating the possibility that he may have sold information
he accessed through his break-ins.
4 October 2004 - Malicious JPEG File Posted on Newsgroups
A malicious JPEG file has been posted on some newsgroups; code
embedded in the file attempts to exploit a recently disclosed
JPEG flaw which could allow attackers to gain control of infected
October 2004 - Sony Japan Will Stop Making CDs with Copy Protection
Citing an increased awareness of copyright and piracy issues as
well as more stringent laws to punish violators, Japan's Sony
Music Entertainment will stop incorporating copy protection into
their CDs. It is also probable that customer dissatisfaction with
the arrangement factored into the company's decision.
October 2004 - North Korea Has Trained 500+ in Cyber Warfare,
According to a South Korean Defense Ministry report, North Korea
has trained more than 500 people in cyber warfare tactics. The
cyber troops reportedly went through a five-year training course
focusing specifically on infiltrating computers in South Korea,
Japan and the US.
October 2004 - Yoran Resigns DHS Cyber Security Position
DHS National Cyber Security Division director Amit Yoran has resigned
his position as of September 30. Yoran, who held the position
for one year, said he has achieved his goals: building the division
and US-CERT. Some say Yoran's resignation points to the need to
elevate the position within DHS.
September 2004 - RIAA Files 762 New Suits
The Recording Industry Association of America (RIAA) has filed
suits against 762 people for allegedly trading music over the Internet
and violating copyrights. The defendants are unnamed, identified
only as "John Doe" and by an IP address; this allows
the RIAA to seek subpoenas that would require ISPs to reveal their
customers' names. Individuals at 26
universities and colleges across the country have been named as
defendants, but the RIAA has not filed suits against the schools
[Editor's Note (SANS): See this story for raids on P2P in the
island nation of Iceland. Bandwidth usage on the island nation
apparently dropped 40% as word of the raids spread.]
September 2004 - Man Pleads Guilty to Spamming Through Hijacked
Nicholas Tombros has pleaded guilty to sending spam through other
people's wireless accounts which he accessed without authorization.
Tombros pleaded guilty to one felony count; when he is sentenced
on December 27, he could face up to six months in jail. The case
is believed to be the first criminal conviction under the federal
September 2004 - Governor Schwarzenegger Signs Anti-Spyware Bill
California Governor Arnold Schwarzenegger has signed a bill which
makes it illegal to install spyware on computers without authorization.
The legislation would allow people to sue those responsible for
installing the software for damages. The bill also prohibits keystroke-logging
and software which takes control of others' computers in order
to send spam or spread malware. The bill has been criticized for
September 2004 - House Passes Piracy Deterrence and Education
The US House of Representatives has passed the Piracy Deterrence
and Education Act of 2004, which expands the scope of file traders
who may be prosecuted for their actions from those who "willingly"
copyrighted material to those who "knowingly" do so.
September 2004 - UCLA Will Warn Students About Copyright Infringement,
but Won't Snoop
The University of California at Los Angeles (UCLA) is using a
system to warn students who have been identified as pirating copyrighted
digital content, like movies and music, but the school has chosen
to stop short of actually snooping on the students' activity,
saying doing so would violate their privacy.
September 2004 - Security violations lead to terminations
The best medicine for those who violate patient privacy is a pink
slip and full press coverage, according to the CIO for several
prestigious medical institutions.
24 Sept 2004 - Microsoft Files Suits Against Alleged Spammers
and Web Hosting Company
Microsoft has filed lawsuits against eight individuals and one
web hosting company for their alleged involvement in sending spam.
Microsoft attorney Aaron Kornblum said the suit against the web
hosting company marks the first time action has been taken against
a web host that "caters to spammers."
September 2004 - Networked Photocopiers' Content Can Be Exposed
Carefully crafted searches on Google can reveal login details
for photocopiers that are network connected; attackers can use
the information to see what is being copied. Organization security
staff should check Google regularly for cached information on
company domain names; Google will remove information if requested.
September 2004 - Ernst & Young's 2004 Information Security
Ernst & Young's 2004 Information Security Survey, which includes
data from 1,233 organizations, found that most concentrate on
external security threats, like viruses and worms, but neglect
insider security threats. Respondents named lack of user security
awareness the top impediment to information security, yet only
28% of respondents named user education as a top priority for
the coming year. Ernst & Young recommends that organizations
create a security-conscious environment from the top down, with
management leading by example. http://www.theregister.co.uk/2004/09/23/insider_risk/print.html
[SANS Editor Note (Northcutt): A dollar invested in awareness
training yields far more results than buying yet another security
September 2004 - BSA Has 700 Active Piracy Investigations in U.S.
Though the incidence of software piracy has dropped from 50% to
33% over the last 10 years, the Business Software Alliance still
keeps busy; the software publishers watchdog organization presently
has 700 active investigations in the United States. The penalties
for companies using pirated software can add up: copyright holders
can sue for damages and profits, as well as for statutory damages
of as much as US$150,000 per
instance of piracy. http://www.computerworld.com/printthis/2004/0,4814,96109,00.html
September 2004 - FDIC Issues Instant Messaging Guidelines
The Federal Deposit Insurance Corporation (FDIC) has issued instant
messaging (IM) guidelines which, while intended for organizations
within the financial industry, are sensible enough for companies
in any industry to adopt. The guidelines include setting up firewalls
to block incoming and outgoing public IM traffic, creating rules
to block IM delivery and file sharing and deploying strong antivirus
and patch management programs.
September 2004 - Man Arrested in Connection with Cisco Source
UK police arrested a 20-year-old man on September 3 in connection
with the theft of Cisco source code. The man was arrested in the
wake of raids on several homes; investigators are examining property
confiscated during the raids, including a number of PCs. More
than 800MB of Cisco source code was posted to a Russian security
site in May of this year.
September 2004 - Father and Son Sentenced in Software Piracy Case
A criminal court in Stuttgart, Germany has sentenced two men
on charges of piracy of Microsoft software. Dieter Rimmele
received a sentence of three years without parole; his father,
Hubert Rimmele, received a 16-month jail sentence and was ordered
to perform 100 hours of community service. Several days later,
German police arrested four people for allegedly selling pirated
software, movies, games and music over the Internet. http://www.computerworld.com/printthis/2004/0,4814,95908,00.html
September 2004 - USD87 Million Worth of Pirated Software Seized;
A two-year investigation has culminated in conspiracy charges
being brought against 11 people in what is possibly the largest
seizure of pirated software in the US. The software and accompanying
documentation have an estimated value of USD30 million, and could
be as much as USD87 million. All 11 have been indicted and were
scheduled to appear before a judge on Monday, 20 September. If
they are convicted, they face federal prison sentences of between
15 and 75 years.
September 2004 - FTC Considers Offering Bounties for Spammer Convictions
The US Federal Trade Commission would like to be able to prosecute
more spammers, but given the lack of admissibility of much of
the evidence they use in identifying spammers, this has proven
problematic. What they need is hard, admissible evidence, probably
provided by an insider. Such evidence would likely be provided
only if there were a bounty program, much like Microsoft's $250,000
bounty for the successful prosecution and conviction of malware
September 2004 - Some LANL Employees Lose Jobs, Others Cleared
Of the 23 people suspended from their jobs at Los Alamos National
Laboratory (LANL) this summer in the wake of an investigation
triggered by security problems, four have been fired, one is likely
to resign, 7 have been demoted, 10 have been cleared of any wrongdoing
and one is still on investigative leave.
September 2004 - Phishers Target Gmail Accounts
Some phishers are now trying to steal Gmail accounts. The phishing
email informs Gmail users that they can invite friends to sign
up for a Gmail account if they fill out a form that includes their
Gmail address and password. Gmail accounts are in demand because
of their limited availability. Google does send out free invitations
for users to send to friends, but all the users need to do is
click on a button, rather than providing their personal account
September 2004 - Man Pleads Guilty in Identity Theft Case
Former Teledata employee Philip Cummings has pleaded guilty to
one count each of conspiracy, fraud and wire fraud for his role
in an identity theft scheme. Cummings's position at Teledata gave
him access to user names and passwords which allowed him and his
alleged accomplices to access and download credit reports from
all three major credit bureaus. His sentencing is scheduled for
January 11; he could receive a maximum prison term of 50 years.
Cummings and an alleged accomplice stole more than 30,000 credit
reports. Two other alleged conspirators are scheduled to go to
trial on November 3.
September 2004 - PWC/CIO Magazine 2004 State of Information Security
The 2004 State of Information Security study from PricewaterhouseCoopers
and CIO Magazine found that North America and Europe led South
America and Asia in security and best practice implementation.
64% of the companies surveyed said they expected security spending
to increase this year. The study was conducted online in late
March and April 2004; more than 8,000 CIOs, CFOs, CEOs, VPs and
directors of IT and security from 62 countries responded to the
8 September 2004 - Singapore Bank is Latest Phishing Mark
Phishers have targeted customers of Singapore's OCBC Bank Internet
banking service. OCBC said that the phony site which was being
used to try to steal customers' account information has been shut
down. OCBC has notified the police and the Monetary Authority
8 September 2004 - Savvis Shuts Down Spammers' Service
St. Louis, MO-based Savvis Communications, an international Internet
service provider, says it will cancel service for about 40 customers
who are known to be using the network to send spam. Savvis made
the decision only after pressure from anti-spam organizations.
The company had, according to leaked internal memos, known about
the problem for several months but had dragged its feet about
doing something to remedy the situation because it would feel
a financial pinch.
September 2004 - House Committee Approves Anti-Piracy and Spyware
The House Judiciary Committee has approved the Piracy Deterrence
and Education Act of 2004 which, if enacted, would impose a sentence
of up to five years for people convicted of illegally sharing
copyrighted music and movies over the Internet. The bill will
next head to the House for debate. The committee also approved
the Internet Spyware Prevention Act of 2004, a measure which criminalizes
the act of placing spyware on people's computers without their
8 September 2004 - How Hackers Infect PCs To Spread Spam and
In a landmark study of the economics and techniques of hackers,
two top reporters from USA Today have painted a vivid picture
of what is really going on in cyber crime today and how it involves
millions of home and business users. This article is the first
of two parts. Part One vividly illustrates the problem and ends
with the challenge: "Consumer outrage needed." On Thursday,
September 9, Part Two shows that the problem will just get worse
if vendors and ISPs continue to refuse to do their fair share
to reduce the risk.
September 2004 - California State University Hard Drive was Probably
The disappearance of a hard drive containing the names, addresses
and social security numbers of 23,000 students, faculty and staff
at California State University campuses has prompted university
officials to contact everyone whose information may have been
exposed, as required by a new state law. All those affected received
letters though there have been no reports of identity theft; a
police investigation concluded that the drive in question was
probably thrown away by mistake rather than stolen.
September 2004 - Man Receives Three Year Sentence for Software
Alexander Tobolsky has been sentenced to just over three years
in prison for copyright infringement. Mr. Tobolsky sold pirated
copies of Intuit financial software over the Internet.
August 2004 - Man Enjoined from Spamming Verizon Wireless Customers
Verizon Wireless has won a permanent injunction against a Rhode
Island man who allegedly sent a plethora of spam text messages
to the company's customers. According to the ruling, Jacob Brown
is prohibited from sending any more messages to Verizon Wireless
27 August 2004 - Operation Web Snare Leads to 150 Arrests
Sophos has welcomed the US authorities' firm action against suspected
spammers, phishers and other cybercriminals in "Operation
Web Snare". Read more about the arrests made so far.
August 2004 - Trojans Target British Banking Customers
Experts at Sophos have warned computer users about Trojan horses
that try to steal account details from users of a number of British
online banks. http://www.sophos.com/virusinfo/articles/tofger.html
August 2004 - Australian PM Admits Hiring Son to Send Political
Spam to Voters
Australian Prime Minister John Howard admitted he hired his son's
company to send out political spam to voters. Some are saying
that Howard has violated the country's anti-spam laws. While the
laws prohibit the sending of unsolicited commercial email, charities
and political groups are exempt. However, Howard's use of his
son's company, which is commercial, violated "the spirit,
if not the letter of the anti-spam laws," according to opposition
spokeswoman Kate Lundy.
August 2004 - Study Says Insider Attacks Don't Require Great Technical
A Secret Service and CERT Coordination Center study of insider
attacks at financial institutions found that most attacks did
not require much "technical sophistication"; in fact,
87% of the attacks were made using "simple, legitimate user
commands." In addition, most attacks were driven by desire
for financial gains and were planned -- in 85% of the cases, someone
else knew about the plan to launch an attack. The study took into
account 26 attacks at financial services providers that occurred
between 1996 and 2003.
August 2004 - Phishers Target German Banks' Customers
Phishers have begun targeting customers of German banks; there
have been reports that customers of Postbank and Deutsche Bank
have received phony email messages that try to trick them into
revealing account and PIN numbers. No bank customers have lost
money though some have come close. Two Postbank customers nearly
lost 21,000 Euros between them, but the transactions were caught
-- one by a customer and the other by the bank.
August 2004 - Winamp Flaw Allows Spyware Onto Computers
Adware makers can exploit a flaw in Winamp to place their stealth
programs on people's computers. The problem stems from the fact
that Winamp allows skin files to run programs. Winamp is a digital
music player made by Nullsoft, an AOL subsidiary. The company
is aware of the vulnerability but has not yet come up with a fix.
August 2004 - DoJ Seizes Property in P2P Network Investigation
The Justice Department executed search warrants in three states
and seized computers and other equipment as part of an investigation
into a peer-to-peer network that was sharing copyrighted movies,
music and games. The Underground Network, which is the focus of
this investigation, is managed by hub computers that restricted
who could participate. http://www.eweek.com/print_article/0,1761,a=134097,00.asp
August 2004 - International Effort Breaks Worldwide Piracy Ring
More than 100 people have been arrested worldwide in connection
with an on-line piracy ring. The arrests were the result of a
cooperative effort between the UK, the US, Australia, Poland and
Slovakia. Ring members apparently broke into computers at academic
institutions and used their disk space to serve the pirated content.
August 2004 - Former Employee Faces Prison and Fine for Alleged
Patrick Angle of Columbus, Indiana has been charged with breaking
into the computer system of his former employer, Varian Semiconductor
Equipment Associates Inc. Angle allegedly broke into the system
when he discovered his contract was going to be terminated, then
allegedly deleted source code for software he had been developing.
He also allegedly altered log information. Varian was able to
recover the lost data from backup systems at a cost of USD 26,455.
If he is convicted of the charges against him, Angle could face
a ten-year prison sentence as well as a fine of up to USD 250,000
August 2004 - Report Shows Which Countries Export The Most Spam
Sophos researchers have identified which countries are pumping
out the most spam. Find out which country is the worst offender,
and how innocent unprotected computers are adding to the spam
August 2004 - Is Your Webcam Spying on You?
The Rbot-GR worm can take over webcams, and may be secretly spying
on you in your home or office. Read more now and ensure you are
August 2004 - MPAA Files Suits Against DVD Chip Manufacturers
for Illegal Sales
The Motion Picture Association of America (MPAA) has filed lawsuits
against two DVD-chip manufacturers, Sigma Designs and MediaTek,
for allegedly selling chips to companies that are breaking copy
protection rules. The products in question include features that
are not allowed under the general DVD technology license. Furthermore,
selling the chips to those companies violates the terms of the
license Sigma and MediaTek had to sign in order to manufacture
the chips in the first place.
August 2004 - Cyberharassment Q & A
This article defines cyberharassment and cyberstalking, offers
advice for avoiding becoming a victim and discusses how current
law views cyberharassment and cyberstalking.
August 2004 - IM Adoption Slowed by Security, Compatibility Concerns
Businesses are slow to adopt instant messaging due to a lack of
interoperability and security concerns, according to the Yankee
August 2004 - RIAA Suits Against Individuals Proceeding
The Recording Industry Association of America (RIAA) continues
to pursue lawsuits against individuals for copyright violations
in which music is illegally downloaded. While people would like
to fight the lawsuits, they more often than not find it too expensive
and end up settling with the RIAA. Nearly 4,000 people have been
sued since the RIAA began filing the suits in September 2003.
August 2004 - Study: Organizations Not Taking Mobile Device Security
Concerns to Heart
According to a study from Forrester Research, most organizations
have not put mobile device management systems in place despite
the security threats the devices pose. Of the companies surveyed
for the study, only
9% had deployed systems to manage mobile devices; an additional
20% were piloting or planned to deploy a management plan.
August 2004 - New AIM Trojan Steals Financial Data
A new variant of Download.ject is threatening AIM users, opening
backdoors and stealing financial data.
August 2004 - Unpatched PCs Infected In Minutes
New, unpatched and unprotected computers survive only about 20
minutes before being exploited. Last year the survival time was
nearer 40 minutes. http://www.gcn.com/vol1_no1/daily-updates/26967-1.html
August 2004 - UK Police Warn of Phishing Scam that Uses Key-Logger
The UK's National Hi-Tech Crime Unit (NHTCU) has issued a warning
about a key-logging Trojan horse program that attempts to steal
online banking account numbers and PINs. Phishers send out spam
email that appears to be an invoice and provides a link for recipients
to view more details about the order. The link in fact leads to
a site that downloads a Trojan horse program onto vulnerable computers.
August 2004 - Teenager Pleads Guilty to Creating and Spreading
19-year-old Jeffrey Lee Parson has pleaded guilty in federal court
to creating and distributing the Blaster.B worm one year ago this
month. Parson also admitted he added a Trojan horse program to
Blaster.B that let him gain access to infected computers. He could
face a prison term of up to just over three years when he is sentenced
in November, and may also be required to pay millions of dollars
in fines. http://www.computerworld.com/printthis/2004/0,4814,95199,00.html
August 2004 - Copier Security
As copiers gain functions like the ability to scan, fax and store
documents, they become increasingly vulnerable to cyber attacks.
Embedded operating systems in copiers make them vulnerable to
MSBlast and similar malware. Some copier manufacturers have begun
offering security features like firewalls, secure network interface
cards and the ability to electronically shred data after it has
been stored on the copier's hard disk.
August 2004 - eMail Security Companies Say They Will Support Sender
A number of email security companies voiced support for Microsoft's
Sender ID sender authentication standard and said they would incorporate
it into their products. The companies had gathered at a summit
requested by the eMail Service Provider Coalition (ESPC) and hosted
August 2004 - MPAA Says Case Shows Copyright Infringement Will
Not be Tolerated
The Motion Picture Association of America has reached a settlement
in a copyright violation case with 321 Studios over the company's
DVD copying software. Citing the expense of fighting lawsuits,
321 Studios ceased operations after the settlement. MPAA views
its victory in the suit as a clear message from the courts that
copyright infringement will not be tolerated. A Taiwanese site,
DVDXCopy2.com, was reportedly offering to sell the software once
sold by 321 Studios, but the site was down as of August 12.
August 2004 - Illinois College Student Allegedly Downloaded Information
from Student Database
Three computers have been seized and three Southern Illinois University
Evansville students questioned in connection with a database intrusion.
A student allegedly downloaded the names and passport information
of 500 foreign students, according to a search warrant filed by
university police. The database was established by the university
to comply with USA PATRIOT Act provisions. A university spokesman
says he expects the university to seek criminal charges. The breach
was discovered during
a university Office of Information Technology daily log check.
While the system does not allow the alteration of data, it was
set up to allow database access without a password.
August 2004 - Two Arrested in DVD Piracy Case
US and Chinese law enforcement officials worked together on an
investigation that led to the arrest of two US nationals in connection
with a DVD piracy ring.
July 2004 - Sophos Reveals Top Viruses in July 2004
A report published by Sophos has revealed which viruses and internet
hoaxes caused the biggest nuisance last
July 2004 - Alleged Spammer Halted, Assets Frozen
A US District Court judge has issued a temporary restraining order
that prohibits Creaghan A. Harry from sending spam and blocks
his assets. Harry allegedly sent millions of spam messages advertising
human growth hormone products; the Federal Trade Commission received
40,000 complaints about Harry's practices in the first five months
of 2004. The FTC filed a complaint against Harry in July, alleging
that a number of his actions, including spoofing return addresses
and using open proxies, violate the CAN-SPAM Act. Harry has conducted
business in Florida under a number of aliases.
July 2004 - 70% of Virus Activity Linked to German Teenager
A report published by Sophos has revealed that 70% of virus activity
in the first half of 2004 can be linked to the German teenager
who admitted writing the Sasser and Netsky worms.
26 July 2004 - Trojan Disguises Itself as Bin Laden Suicide
Experts at Sophos have warned computer users that a file posing
as photographic evidence that Osama Bin Laden has killed himself
is in fact infected by the Hackarmy Trojan horse.
July 2004 - Treasury Dept. Audit Finds Security Problems at IRS
A report from Treasury Department auditors found that "lax
security policies" regarding contractors at the Internal
Revenue Service (IRS) placed taxpayer data at risk. Contractors
were often provided with outdated systems which were insecure;
in some instances, contractor employees were granted root access
privileges. The report recommends giving contractors updated workstations
and allowing them access with only the minimum required access
privileges. The report also noted the lack of documentation that
all contractor employees had undergone the necessary background
checks. Another report from auditors took the IRS to task over
the unauthorized use of PDAs at the agency.
July 2004 - Florida Man Charged in Acxiom Corp. Data Theft
Scott Levine of Boca Raton, Florida has been indicted on charges
of breaking into Acxiom Corp.'s computer system, stealing personal,
financial and company data, and hiding evidence. Levine allegedly
stole more than 8 gigabytes of data and caused US$7 million in
damages. The information was apparently placed on Levine's company's
system and sold to customers; Levine runs Snipermail.com, a bulk
mailing concern. Six Snipermail.com employees who were not named
in the indictment have reached agreements with prosecutors, some
of which will result in guilty pleas. In a separate case last
year, Daniel Baas of Ohio pleaded guilty to breaking into Acxiom's
July 2004 - CD Piracy Market More than US$4.5 Billion
A study from the International Federation for the Phonographic
Industry (IFPI) indicates that CD piracy was a US$4.5 billion
market last year,
approximately 15% of the global recorded music market.
22 July 2004 - Software Pirate Sentenced to 5 1/2 Years in
A German judge has sentenced Ralph Blasek to 5 1/2 years in prison
for running Europe's largest pirated software ring. Blasek's actions
cost Microsoft US$4.5 million, according to a court spokesman. Blasek's
sentence does not include the possibility of parole.
July 2004 - Phishers Now Using IM
Some people running phishing scams are now using instant messaging
to lure people to their phony sites. Many instant messaging systems
use weak authentication schemes.
July 2004 - Many Companies Monitor Outgoing eMail
According to research from Forrester Consulting, 44% of large
companies in the US employ someone to monitor outgoing electronic
communication, and nearly half conduct regular audits of company
email. The impetus for the monitoring stems from fears that employees
are leaking trade secrets or intellectual property. Smaller companies
were more likely to be concerned about attachments and whether
or not their company's
communications were in compliance with Sarbanes-Oxley and other
July 2004 - Missing Sandia Disk Found
A computer disk reported missing at Sandia National Laboratory
at the end of June has been found, but officials are not releasing
any further details.
July 2004 - Microsoft Wins Nearly US$4 Million in Spam and Trademark
The US District Court for the Central District of California has
ordered Daniel Khoshnood to pay Microsoft US$3.95 million for
trademark infringement, false advertising and cybersquatting.
Khoshnood sent out spam messages that claimed an affiliation with
Microsoft, but had none.
July 2004 - Oxford Univ Students Could Face Suspension and Fines
for Computer Intrusion
Two first-year Oxford University students could be fined GBP 500
or suspended from their school for breaking into the university's
computer and writing a story about it for a student newspaper.
The two say they used a program they obtained on Google to break
into university IT systems, view live CCTV and access systems
that contained sensitive data. http://www.theregister.co.uk/2004/07/16/oxford_uni_hackers/print.html
July 2004 - Adrian Lamo Sentenced for NYT Intrusion
A federal judge has sentenced Adrian Lamo to two years of probation,
six months of which will be served in home detention for breaking
into the New York Times' computer system. Lamo will also have
to pay a fine of
July 2004 - Identity Theft Penalty Enhancement Act Becomes Law
President Bush has signed the Identity Theft Penalty Enhancement
Act, which increases the federal penalty for identity theft from
three to five years; it also adds five years to prison sentences
for those convicted of using another person's identity to commit
terrorism. In addition, the act makes aggravated identity theft
a crime; people convicted of using others' identity in the commission
of a felony will have an additional two years tacked on to their
July 2004 - California Department of Insurance Suffers Cyber Intrusion
The California Department of Insurance has begun informing nearly
600 people that their personal information was contained on a
server that was accessed without authorization. Those affected
were in the process of applying for insurance provider licenses.
The data on the server was encrypted.
July 2004 - PC Stolen from Intuit Office Contained Customer Data
Intuit has informed 47,000 customers that a computer stolen from
a company office in Omaha, Nebraska, contained password-protected
customer data such as names and credit card information. A company
spokesperson says there has been no evidence that any of the information
has been used to steal identities; the thieves were more likely
after the hardware than the PC's data. The company is offering
three months of free personal information and credit monitoring.
July 2004 - Man Allegedly Broke Into Verizon Computers, Posted
Passwords on Internet
William Quinn of Eastchester, NY, has been indicted on charges
he broke into Verizon Communications computers for the company's
Direct Access testing Units (DATU); Quinn also allegedly posted
the passwords to the system he had obtained on the Internet along
with instructions for using them. Verizon spent US$120,000 to
address the problems Quinn allegedly created. If he is convicted
on all charges against him, Quinn could face five years in prison
and a fine of as much as US$250,000.
July 2004 - Former AltaVista Employee Arrested for Allegedly Stealing
Laurent Chavet, a former AltaVista employee who is currently employed
at Microsoft, has been arrested on charges that he stole source
code from his former employer after he stopped working there.
According to an anonymous source, Chavet had been working on Microsoft's
July 2004 - UK Teen Charged with Flooding Former Employer with
5 Million eMail Messages
A teenager who was fired from a UK insurance company faces a six-month
jail sentence or a fine of as much as 5,000 GBP under the Computer
Misuse Act for sending his former employer 5 million email messages.
The company was forced to shut down its web site while it attended
to the deluge, and reportedly lost 18,000 GBP as a result.
July 2004 - More Classified Data Storage Missing from Los Alamos
An inventory check at Los Alamos National Laboratory (LANL) last
week revealed that two Classified Removable Electronic Media (CREM)
items were missing from the facility's Weapons Physics Directorate.
The laboratory director plans to launch a full inquiry. Another classified
removable electronic media item was reported missing from LANL
in May of this year as well, though that item had been scheduled
to be destroyed; the information discovered to be missing last
week was to be used in forthcoming experiments.
July 2004 - Pirated Software Cost US$29 Billion Last Year, Says
A Business Software Alliance (BSA) survey says that global trade
in pirated software was nearly US$29 billion in 2003, about 60%
of the US$51 billion in legitimate desktop software sales worldwide.
July 2004 - Piracy Ring Cracked in Hong Kong
Hong Kong's Customs and Excise Department says it has broken a
large software piracy ring and is trying to freeze the group's
assets which are valued at 20 million Hong Kong dollars, or US$2.6
million. Eight people have been arrested but not yet charged.
July 2004 - Small Storage Devices Pose Security Threat, Says Gartner
A study from Gartner maintains that iPods and other small, portable
storage devices pose a serious security threat to businesses.
Not only can they introduce malware into company networks, but
they could also be used to steal proprietary information. Gartner
advises companies to forbid the use of privately owned storage
devices with company machines. http://www.computerworld.com/printthis/2004/0,4814,94319,00.html
30 June 2004 - Top Ten Viruses and Hoaxes for June 2004
Sophos reveals which viruses have been causing the biggest problems
in June 2004, and which hoaxes have tried to create havoc. Can
you guess which virus is in the number one position?
June 2004 - Hungarian Teen Sentenced for Porn Worm
The teenage author of the Magold worm has been sentenced in Hungary.
The worm, posing as an erotic screensaver, was distributed early
June 2004 - Phishing Attacks Rise Only Slightly in May
A report from the Anti-Phishing Working Group indicates that the
number of phishing attacks in May (1,197) was 6% higher than
the number detected in April (1,100). April's figure marked a
178% increase from March's numbers. The group also noted that
because 95% of email fraud schemes use spoofed "from"
addresses, an email sender authentication method is needed to
stop phishing attacks.
25 June 2004 - House Approves Spyware Bill
The House Energy and Commerce Committee has approved a bill that
would require purveyors of software that collects information
about computer users to notify the users before it is installed
on computers. The bill would also require that spyware be easy
to remove and would allow the FTC to impose significant fines
for certain practices, like logging keystrokes or stealing identities.
A separate spyware bill has been introduced in the Senate. Technology
companies have expressed concern that the bill could hinder legitimate
June 2004 - Russian Student Convicted on Spam Charges
A Russian teenager is the first person in his country to be convicted
of sending spam. The unnamed student received a one-year suspended
sentence and a 3,000 RUR (just over 100 USD) fine for sending
text messages to 15,000 cell phone customers.
June 2004 - AOL Employee Arrested for Alleged Theft of 92 Million
Jason Smathers, a software engineer working for America Online,
has been arrested on charges he broke into the ISP's computer
database and stole 92 million customer e-mail addresses which
were later sold to spammers. Smathers allegedly used the identification
code belonging to another AOL employee to access the data he allegedly
stole; his employment duties did not give him access to the customer
data. Smathers also allegedly sold the list of names to Sean Dunaway
of Las Vegas, who runs an Internet gambling business. Dunaway
has also been arrested; both men face maximum prison sentences
of five years and $250,000 fines.
June 2004 - Four Charged with Unauthorized Access to NC University
Campus Police Computers
Police have charged four men for allegedly gaining unauthorized
access to North Carolina State University's campus police computer
system and posting phony incidents. One of the four allegedly
found a password to
a secure area and shared it with the others.
June 2004 - Spammers Bypass Outlook 2003 Security
Spammers have discovered how to bypass Outlook 2003's anti-spam
security that scans incoming email for language that indicates
it could be spam and which also allows users to prevent HTML email
content from the Internet. The spammers attach an image file to
the email and then use HTML code to display the image, which can
contain words the filter would otherwise have caught.
18 June 2004 - House Subcommittee Approves Spyware Act
The US House Subcommittee on Commerce, Trade and Consumer Protection
has approved the Securely Protect Yourself Against Cyber Trespass
Act (or SPYACT), which would impose fines of up to USD$3 million
for collecting information, "diverting browsers" and
sending certain pop ups to people without express permission.
The bill also requires that spyware purveyors inform and obtain
consent from users before software is installed.
June 2004 - Computer Thieves Caught on Closed-Circuit TV
A closed-circuit television system captured footage of thieves
stealing computers from the pathology department of the Royal
Shrewsbury Hospital in Shropshire, England. The stolen machines
contain eight years' worth of confidential patient data. The thieves
probably stole the equipment with the intention of selling it
rather than harvesting the data, according to a National Health
Service spokesman. Police are scrutinizing the tapes for clues.
June 2004 - Coalition Formed to Raise Public Awareness of Phishing
The Federal Trade Commission (FTC), the Better Business Bureau,
Visa USA and other organizations have formed a coalition to inform
the public about the threat of phishing. The coalition aims to
help people understand how to avoid falling into the traps laid
by phishers and how and where to report suspicious email messages.
June 2004 - Audit Finds Nearly One-Third of PCs Scanned in April
The monthly SpyAudit conducted by EarthLink and Webroot found
that almost 134,000 of the more than 420,000 PCs scanned in April
contained a Trojan Horse or system monitor, like a keystroke logger,
that had been deposited by spyware. The April scans also found
"26.9 spyware programs or components per machine."
June 2004 - Missing DEA Laptop Contains Information on Investigations
A Drug Enforcement Administration laptop computer is missing;
it contains information on as many as 100 DEA investigations and
on DEA confidential informants. An auditor in the Justice Department's
Office of the Inspector General reported the laptop had been stolen
three weeks ago; after further questioning, he changed his story
and said that he accidentally damaged the machine and destroyed
it and threw it in a dumpster because he was so embarrassed.
7 June 2004 - IT Security Spending to Rise, According to Study
Spending on information technology security at US companies is
predicted to grow to between 8 and 12% of an organization's IT
budget by 2006, according to a study from Meta Group.
7 June 2004 - Man Pleads Guilty in Lowe's Wireless Intrusion
Brian Salcedo has pleaded guilty to four counts of wire fraud
and unauthorized computer access for his role in an attempt to
exploit a vulnerable wireless network and steal credit card numbers
from Lowe's computer networks. Though Salcedo could face a sentence
of up to 18 years, prosecutors are expected to ask for leniency
in exchange for Salcedo's cooperation in other related investigations.
4 June 2004 - Researchers Say Worst-Case Worm Could Cost USD50
According to researchers at the nonprofit International Computer
Science Institute (ICSI) associated with the University of California
at Berkeley, a worst-case worm could cause USD$50 billion in "direct
damages": lost productivity and data and the cost of equipment
and repair. The researchers modeled a scenario in which a worm
that exploited an unpublished vulnerability was released onto
June 2004 - Unpatched Laptops Pose Threat to Internal Networks
Unpatched laptop computers pose a security threat to computer
networks; while some desktop PCs on internal networks may not
be patched against recent worms, they are still protected by corporate
firewalls. Unpatched laptops could then introduce worms into the
organizations' internal networks, causing infections to spread
quickly through the unpatched desktops. Unpatched vulnerable new
computers contribute to the continued spread of older infections,
such as the MSBlast worm.
4 June 2004 - NetSky.P Masquerades as Harry Potter Game
The NetSky.P worm is spreading in large part by exploiting widespread
interest in Harry Potter; the worm appears in peer-to-peer networks
claiming to be a Harry Potter computer game.
4/3 June 2004 - Korgo Worm Steals Passwords, Credit Card Numbers
The Korgo worm, which exploits the same Local Security Authority
Subsystem Service (LSASS) vulnerability as Sasser, opens a back
door that allows the installation of a keystroke-logging program
used to harvest passwords and credit card numbers.
June 2004 - RCMP Arrest Suspected US Government Computer Intruder
At the request of the FBI, Royal Canadian Mounted Police have
arrested a man who allegedly broke into a router that is connected
to a US Supreme Court warehouse; the individual arrested is also
compromising a number of computers.
June 2004 - Tokyo Police Arrest Disgruntled, Demoted Employee
for Alleged Server Intrusion
Tokyo police have arrested a man who allegedly broke into a Takachiho
University server after the university demoted him. Royoichi Nakayama
allegedly used a password to access the server and read others'
rendering the bulletin board inaccessible. Nakayama was formerly
employed by the university as a computer expert, but was transferred
to a position as a clerk at the institution's library after the
university found him responsible for problems with the computer
May 2004 - Anti-Spam Efforts Come Together
Microsoft has announced that it will merge its Caller-ID for email
technology with the Sender Policy Framework (SPF), joining America
Online, EarthLink and Google in supporting the specification.
25 May 2004 - CSO Survey Places Cyber Attack Cost at USD$666
Million in 2003
A survey conducted by CSO magazine with "cooperation"
from the US Secret Service and CERT/CC found that cyber attacks
cost businesses an estimated USD$666 million in 2003. The survey
polled 500 executives and found that more than 40% said cyber
security incidents had increased between 2002 and 2003. More than
40% also said hackers were their number one security concern;
28% placed insider threats as their number one concern. 36% of
those responding say they monitor employees' web use and pertinent
activities to guard against internal threats. http://www.securityfocus.com/printable/news/8767
May 2004 - Deloitte Survey Shows Security Breaches Increased at
Deloitte's 2004 Global Security Survey shows that 83% of financial
institutions surveyed experienced a security breach in the last
year; in the 2002 survey, that figure was 39%. The two technologies
receiving the most attention are identity and vulnerability management.
25% of respondents said their security budgets were "flat."
Deloitte surveyed senior security officers at the top 100 global
May 2004 - Phisher Gets 46-Month Prison Sentence
A Texas federal court judge has sentenced 20-year-old Zachary
Hill to 46 months in prison for his role in a phishing scam. Hill
stole 473 credit card numbers by sending out email messages pretending
to be from AOL and PayPal informing people that their accounts
had expired and requesting them to enter the card numbers into
his phony web forms. Hill then used the card numbers to make $47,000
in fraudulent charges.
May 2004 - Anti-Spammers Infiltrate Spammers' Web Sites; Gain
Anti-spam organizations such as Spamhaus have gained access to
web sites run by spammers and have learned that virus writers
are using MyDoom, Bagle and other viruses to gain control of computers
to sell to spammers. http://www.theregister.co.uk/2004/05/14/spam_club
May 2004 - "Survivor" Web Site Has Malicious Code
A website designed to attract fans of the Survivor television
series has been infected with malicious code. Users who visit the site
without adequate virus detection may get infected by three viruses
coded into scripts embedded in the site's content. http://news.zdnet.co.uk/0,39020330,39154541,00.htm
May 2004 - States Moving To Outlaw Spyware
Utah has already passed an anti-spyware bill and New York and
California are both considering such laws. The US Congress is
considering several different anti-spyware bills. If enough states
pass bills, the case for a national law is strengthened. http://www.washingtonpost.com/wp-dyn/articles/A24746-2004May13.html
May 2004 - Security Policies Fail Because They Are Ignored
A security manager reports that security policies are routinely
ignored in the real world. Even incident handling policies are
ignored: "No one uses these documents. They just sit in a
binder on a bookshelf or in a shared disk...." A single-page,
step-by-step Incident Handling guide reference card he created
seems to help.
10 May 2004 - Admitted Sasser Author Arrested
Police say 18-year-old Sven Jaschan of Rotenburg, Germany, has
admitted to creating the Sasser worm. The people who came forward
with technical evidence implicating Jaschan will receive a $250,000
reward from Microsoft if he is successfully prosecuted. Jaschan
is also allegedly the author of some versions of NetSky.
May 2004 - Sasser Hits American Express, Delta Airlines, Universities
May 2004 - Security Breach at Four UCSD Financial Services Department
The University of California San Diego is informing approximately
380,000 students, alumni, applicants, faculty and staff that their
personal details may have been compromised. Four computers at
the school's Business and Financial Services Department experienced
security breaches. The case is being investigated by campus police
and other law enforcement agencies.
May 2004 - Stock-Trading Fraudster Gets Prison Sentence
Van T. Dinh has been sentenced to 13 months in prison for computer
intrusion and identity theft. Dinh tricked someone with an on-line
brokerage account into downloading a Trojan horse program, which
allowed Dinh to log the man's keystrokes and steal his account
information. Dinh then logged into that account and purchased
options that he had placed to sell at an inflated price, hoping
to offset a potential loss of nearly $90,000. After he was caught,
Dinh pleaded guilty to unauthorized access to a protected computer
and securities fraud; he has also repaid his victim. http://www.securityfocus.com/printable/news/8564
May 2004 - Security Incidents Cost Companies Business
According to a study of more than 100 large UK companies and government
agencies, those that had experienced a security breach saw a 47%
attrition rate in their business-to-business sector. The companies
that did not take their business elsewhere spent slightly less
with the company than they had been previous to knowledge of the
May 2004 - Student Pleads Guilty to Computer Misuse Charges in
A Vietnamese student studying computer engineering in Singapore
has pleaded guilty to charges of computer misuse for sending friends
a keystroke logging program hidden in a game, and using the information
he reaped from that program to steal money from another student.
Nguyen Van Phi Hung faces a fine of up to SGD$50,000 and a ten-year
jail sentence for three of the four charges; the fourth charge
carries a maximum fine of SGD$10,000 and a three-year jail sentence.
3 May 2004 - Sasser Variants Spreading
At least three versions of the Sasser worm are circulating on
the Internet. Sasser exploits a vulnerability in the Local Security
Authority Subsystem Service (LSASS) of certain editions of Windows.
May 2004 - IRS Warns of Phishing Scam
The US Internal Revenue Service has issued a warning about a phishing
scam that tells people they are the subjects of tax investigation
and encourages them to visit a web site and provide personal information
such as credit card and Social Security numbers to dispute the
April 2004 - Wireless Phones Vulnerable to Assortment of Attacks
A Times (UK) investigation found that numerous mobile phones used
at some of Britain's largest companies were susceptible to a variety
of attacks, including downloading text messages and phone lists
as well as manipulating the phones to act as listening devices.
April 2004 - The Top Ten Viruses and Hoaxes in April 2004
A single family of viruses dominates the chart of the top threats
reported to Sophos in April. Find out which worm is causing the
biggest problem as well as which hoaxes are filling email accounts.
April 2004 - FTC Brings First Charges Under Can-Spam Act
Federal authorities have charged four Detroit-area men under the
Can-Spam Act; this is the first case in which the new law has
been invoked. The four are accused of hiding their identities
while sending huge quantities of unsolicited commercial email.
The FTC has also filed charges against an Australian concern that
is allegedly responsible for large quantities of spam in the US.
April 2004 - Man Arrested in First UK Phishing Case
British police have arrested a 21-year-old man in connection with
a "phishing" attack designed to defraud customers of
an online bank.
April 2004 - Legislators Plan to Address Spyware
Two anti-spyware bills are being prepared in the US House of Representatives.
One bill, sponsored by Representative Jay Inslee (D-Wash.) would
charge spyware authors with criminal penalties and allow state
attorneys general to bring civil cases. The other, sponsored by
Representative Mary Bono (R-Calif.), would ban spyware that does
not obtain specific end-user consent and provide a warning before
installing; it would also grant the Federal Trade Commission power
to create regulations requiring companies to allow spyware and
adware to be uninstalled. Both bills would preempt existing state
April 2004 - Bagle.Y Spreads Through eMail and Network Shares
23 April 2004 - Phishing Scams Increase, New Tactics Emerge
The number of phishing scams circulating on the Internet has increased
dramatically over the last six months. eMail security company
MessageLabs detected 279 phishing emails in September 2003; in
January 2004 the number grew to 337,050 and fell back to 215,643
in March. Phishers are regularly coming up with new angles to
trick people into revealing personal information or allowing Trojans
and keystroke loggers to be downloaded onto their machines. The
Federal Deposit Insurance Corporation has warned banks about a
phishing email that appears to be from the FDIC; this particular
scam claims the FDIC has teamed with credit card companies to
provide a program that protects those who enroll from credit card
23 April 2004 - International Piracy Raids Target Warez Groups
Law enforcement officials around the world conducted 120 raids
in 10 countries and 27 US states against web sites suspected of
distributing pirated software, movies and music. Authorities
took down the suspect sites and seized computers; as yet, no arrests
have been made.
April 2004 - Universities are Looking Beyond Technology to Improve
A cyber security survey conducted by Educause, a group of higher
education IT professionals, found that of the 435 schools responding
to the survey, two-thirds required anti-virus software on all
computers that belong to their institutions, while only one-third
of the schools required the same of students' computers. Schools
are increasingly looking beyond merely technological fixes to
"softer" areas such as involving university administration
and developing security policies and procedures.
April 2004 - Study: Anti-Spam Technology is Effective
An IDC study indicates that using anti-spam technology can significantly
reduce the amount of spam received. The study found that in a
company with 5,000 email users, anti-spam systems saved the company
$780,000 (USD) and reduced the amount of time employees spent
dealing with email by 50%.
April 2004 - Spammers Sending Fake Stock Tips
The incidence of phony stock-tip related spam has grown
threefold between December 2003 and March 2004.
April 2004 - Automated Copyright Notice System Thwarts Content
The Automated Copyright Notice System (ACNS) allows schools and
Internet service providers to restrict or deny Internet access
to computer users who have violated copyright on peer-to-peer
networks. ACNS has been tested and is due to go live at the
University of California at Los Angeles this week.
April 2004 - Fleet Issues New Business Visa Cards After Merchant
Fleet Credit Card Services is issuing new Visa business credit
cards to a number of customers after learning of a security breach
in computers of an as yet unnamed merchant.
April 2004 - Former Global Crossing Employee Sentenced
Stephen William Sutcliffe has been sentenced to almost 4 years
in prison for posting the home addresses and Social Security numbers
of 2,000 Global Crossing employees on the Internet. Sutcliffe,
who was fired from the company in September 2001, also posted
threats directed at specific employees.
April 2004 - Earthlink Audit Service Finds Spyware Items on PCs
Data collected by Earthlink through its free SpyAudit service
found an average of 28 spyware items on PCs scanned during a three
April 2004 - Program Will Warn Users of Suspected Phishing Sites
Earthlink plans to release a program that will warn users if they
click on an e-mail link that directs them to a website that has
been reported as a phony. The ScamBlocker program will be available
to everyone, not just Earthlink customers. http://msnbc.msn.com/id/4741973
April 2004 - Maryland Legislators Approve Strong Anti-Spam Bill
Maryland state legislators have passed a bill that, if signed
by the governor, would cause convicted spammers to face sentences
of up to 10 years, fines of as much as $25,000 (USD) and confiscation
of their personal assets. It specifically outlaws several deceptive
practices spammers use.
April 2004 - Sentencing Commission Guidelines for Can-Spam Act
The United States Sentencing Commission has sent Congress guidelines
for sentencing those convicted under the Can-Spam Act. The guidelines
add penalties for those convicted of sending spam through someone
address without permission or who deliberately mask the origin
of their messages. The draft guidelines also compare "spam
offenses to theft, fraud and property destruction" and could
pose unusually harsh sentences on convicted spammers. http://news.com.com/2102-1028_3-5191651.html?tag=st.util.print
April 2004 - Browser-Based Attacks on the Rise
The Computing Technology Industry Association's (CompTIA) second
annual report on IT security and the work force found that of
900 organizations surveyed, nearly 37% said they had experienced
at least one browser-based attack during the preceding six months,
up from 25% in last year's survey. Worms and viruses topped the
list of concerns.
April 2004 - Sprague Pleads Guilty to Copyright Infringement
Russell Sprague has pleaded guilty to one count of copyright infringement
for illegally duplicating movie preview tapes sent to him by a
friend who at the time was a member of the Academy of Motion Pictures
Arts and Sciences. Sprague could face up to three years in prison.
April 2004 - Phishers Exploit IE Hole to Install Keystroke Loggers
AusCERT released an advisory about a phishing scam that exploits
a vulnerability in Microsoft Internet Explorer (IE). The phony
e-mail provides a link to what appears to be a legitimate banking
site but actually downloads a keystroke logging program
onto the recipient's computer. The recipient is then redirected to the real
bank web site and the keystroke logger collects the personal information
entered and sends it to an anonymous mail server.
April 2004 - Legal Liability Threat Spurs Companies to Take Action
Illegal File Sharing on Networks
Facing the possibility of legal liability for copyright violations,
companies are starting to take steps to stop their employees from
participating in unauthorized peer-to-peer file sharing activity
on company networks. Technologies used to prevent illegal file
trading include tools that block access to P2P sites, shut down
P2P sessions and prevent P2P programs from running on company
networks, limit the amount of bandwidth P2P applications can use,
and inspect all packets traveling to and from networks, looking
for P2P markers.
2 April 2004 - 8 Million Infected by MSBlast
Data from Microsoft indicates that about 8 million computers were
infected with the MSBlast worm and its variants following its
August 2003 release. Microsoft was able to track how many times
an online tool that cleans MSBlast and its variants from infected
machines was used.
1 April 2004 - Buffalo Spammer Found Guilty
A jury in Erie County, NY, has found Buffalo resident Howard Carmack,
a.k.a. the Buffalo Spammer, guilty on charges of identity theft
and falsifying business records. Carmack stole identities of two
Buffalo area residents and used them to send more than 800 million
spam messages. He will be sentenced on May 27, when he will face
between three and seven years in prison.
April 2004 - Judge Says File Sharers are Not Breaking Canadian
A Canadian Federal Court judge ruled that music file sharers are
not breaking Canadian law. Justice Conrad von Finckenstein wrote
"the mere fact of placing a copy [of a music file] on a shared
directory in a computer where that copy can be accessed via a
P2P service does not amount to distribution." The case in
question was brought by the Canadian Recording Industry Association
who sought the identities of 29 Internet users who allegedly shared
1 April 2004 - Software for Detecting Phishing Schemes
The preponderance of phishing scams on the Internet has given
rise to software designed to defeat the schemes. For example,
eBay has added a feature to its toolbar that has a green light
when visiting eBay or PayPal sites and red light on sites that are known to be phony.
It also provides a warning when users enter eBay or PayPal passwords
on other sites. Other proposed techniques include personalized
systems and technology to analyze headers.
March 2004 - The Indirect Costs of Security Breaches
Companies that suffer security breaches incur both direct costs,
such as lost productivity and overtime pay for those cleaning
up the breach's aftermath, and indirect costs, such as loss of
customer confidence, lost sales and legal liabilities. A group
of researchers at the University of Maryland's Smith School of
Business studied the effects of security breaches on the value
of companies in the stock market. Problems in which companies'
systems were hit with worms, viruses or denial-of-service attacks
appeared to have no effect on a company's stock market value.
However, breaches that exposed personal data
did appear to have a negative impact on the companies' stock market
March 2004 - Study: The Effect of Malware on European Small Businesses
According to research from McAfee Security, 22% of Europe's small
businesses (those with fewer than 20 employees) have had to temporarily
shut down in order to recover from malware attacks. The average
cost of cleaning up from the attacks, including lost income, is
5,000 EUR. McAfee's data came from a survey of 500 companies in
Italy, Spain, France, Germany, The Netherlands and the UK.
March 2004 - Executives Could Face Liability for Inadequate Security
Some security and legal experts say that executives could face
civil and criminal penalties for failing to adequately protect
their computer networks. A portion of the Sarbanes-Oxley Act requires
vouch for the adequacy of their internal controls; auditors are
starting to count cybersecurity among those controls. The Gramm-Leach-Bliley
Act has already had similar repercussions; the Federal Trade Commission
(FTC) brought action against drug manufacturer Eli Lilly for inadvertently
disclosing e-mail addresses of some of its customers who were
using Prozac. In addition, a Maine state panel ruled that Verizon
Communications should have known it would be vulnerable to last
year's Slammer worm and therefore had to make infrastructure payments
to the state even while their network was down.
March 2004 - US Lawmakers Address Illegal File Sharing
US legislators are taking aim at people who violate copyrights
by sharing music files on peer-to-peer networks. The draft legislation
in the House would lower the burden of proof for the Justice Department
to "pursue criminal prosecution." It would also impose
fines and prison sentences of up to 10 years. A bill introduced
in the Senate would allow the Justice Department to introduce
civil cases against those sharing files.
March 2004 - High-Speed Internet Access Company Customer Data
High-speed Internet access wholesaler ACCA Network CO. has confirmed
that some customer data was leaked in spring 2003. The company
says that data on at least 201 customers was definitely leaked,
and cannot "rule out the possibility" that data on all
1.4 million present and past customers was compromised.
March 2004 - Chinese Government Bans Internet Cafes Near Schools
The Chinese government has banned Internet cafes from operating
within 200 meters of residential areas or schools. The government
is concerned about young people being exposed to "unhealthy
There are already rules in place prohibiting minors from entering
Internet cafes, but many are believed to ignore those rules. China's
General Administration for Industry and Commerce (GIAC) has warned
that businesses caught flouting the rules would face stiff penalties.
March 2004 - Stolen GMAC Financial Services Laptops Contain Unencrypted
Two laptops stolen from the car of a GMAC Financial Services employee
contained personal data, including names, Social Security numbers
and credit scores, belonging to more than 200,000 people. The
data is password-protected but not encrypted. GMAC Financial Services
is contacting the affected customers, warning them that their
personal information may have been compromised and advising them
to place fraud alerts on their credit files.
March 2004 - California Man Indicted for Placing Keystroke Logger
on Employer's Computer
A federal grand jury last week indicted Larry Lee Ropp for intercepting
electronic communication. Ropp allegedly installed a keystroke
logger on a manager's computer while still employed at Bristol
Group/Coast National Insurance Company. Ropp claims he was collecting
data under the auspices of the California Department of Insurance
in connection with a class action lawsuit against Bristol; the
Department of Insurance maintains it did not authorize Ropp's activity. Regardless
of his intentions or affiliations, Ropp's alleged actions were
illegal. If convicted, he could face up to five years in prison.
March 2004 - RIAA Files More Lawsuits Against Alleged File Sharers
The Recording Industry Association of America (RIAA) has filed
lawsuits against 532 individuals, including 89 people at universities
across the country, for illegally sharing music files. The individuals
in the case are anonymous; the RIAA hopes to uncover their identities
through the courts.
March 2004 - 30% of Companies Surveyed Had "Serious"
Malware Infection in 2003
A study from ICSA Labs found that 30% of the 300 companies surveyed
said they had a serious computer virus outbreak in 2003, double
the figure for 2002. A serious outbreak was defined as one in
which 25 or more PCs were infected with the same virus at the
same time. Disaster recovery costs rose to about 100,000 USD per
incident in 2003. ICSA content security programs manager Larry
Bridwell says that 2004 could be even worse. Everyone must take
their responsibilities seriously; companies need to be proactive
about network security and employee education, vendors need to
provide more secure software and antivirus companies need to develop
and use more effective heuristics. http://www.theregister.co.uk/content/55/36443.html
March 2004 - Man Pleads Guilty to Phishing Charges
Zachary Hill of Houston pleaded guilty to charges related to a
phishing scam that targeted America Online and PayPal customers.
Hill will be sentenced on May 17.
22 March 2004 - US Congressman Putnam Questions Agencies About
During a hearing on information security, Adam Putnam, chair of
the House Government Reform Subcommittee on Technology, Information
Policy, Intergovernmental Relations and the Census, chastised
government agencies for moving too slowly in their efforts to
secure their computer systems. The agencies received a collective
security grade of "D" for 2003. Some agencies showed
marked improvement; the Nuclear Regulatory Commission and the
National Science Foundation both received individual
grades of "A."
March 2004 - Asia-Pacific Region Joins in Fighting Spam
The passage of anti-spam legislation in other parts of the
world, together with recent legal action brought against spammers
by four major Internet service providers (ISP) has inspired Asia-Pacific
governments and businesses to examine "measures" they
can take to stem spam's tide. Japan already has anti-spam legislation
in place; Australia's anti-spam laws take effect in April.
March 2004 - Back-Up Tape of Citibank Customer Transactions is
A back-up tape containing a month's worth of Japanese Citibank
customer transactions was lost while being transported to a data
center in Singapore. The information on the tape included account
addresses, account numbers and balances. Citibank intends to inform
affected customers by letter.
March 2004 - Possible Customer Data Compromise at BJ's Wholesale
Club Computer System
Law enforcement agencies and credit card companies are investigating
a possible security breach of the BJ's Wholesale Club computer
system. The problem was brought to light when credit card companies
reported possible fraudulent activity on customers' accounts.
March 2004 - Korea Wants to Halve Spam Volume
The Korean government aims to cut the amount of spam in half by
the end of 2004. The country's Ministry of Information and Communication
(MIC) hit 68 spammers with stiff fines and sent warnings to an
March 2004 - Only US Receives More Spam than China
According to the Internet Society of China, in 2003, spam accounted
for nearly one in every three e-mails received in China. Chinese
servers received at least 150 billion spam e-mails last year,
placing the country just behind the US in volume of spam received.
March 2004 - Task Force Action Plans: Early Warning System, Increased
Two of five task forces formed under the National Cyber Security
Partnership have released action plans for improving national
cyber security. One of the plans calls for the creation of an
early warning system for cyber security events; the other offers
cyber security awareness guidelines for home and small-business
users. The guidelines have been criticized for being "vendor-driven."
March 2004 - Equifax Canada Data Compromised
Equifax Canada has informed more than 1,400 people that the security
of their credit files was compromised; the breach apparently narrowly
targeted a specific geographic area, raising concerns that the
attackers were well-funded, otherwise all of Equifax Canada's
database would have been compromised.
March 2004 - Former FBI Analyst Faces Charges of Unauthorized
Former FBI investigative analyst Jeffrey D. Fudge will face trial
in Dallas on felony charges stemming from allegations he accessed
FBI data without authorization. Fudge allegedly shared the information
he discovered with his family and friends. If convicted of all
charges against him, Fudge could face a 50-year prison sentence
or a fine of as much as 250 million USD.
March 2004 - Alleged Software Pirate Fights Extradition to US
Hew Raymond Griffiths of New South Wales Australia is fighting
extradition to the US to face piracy charges. Griffiths is allegedly
the leader of the DrinkOrDie piracy group. Several US members
of the group have been in jail for as long as four years; others
are awaiting trial and sentencing. If Griffiths is convicted in
the US, he could face a 10-year prison term and a 500,000 USD fine.
March 2004 - Ohio Middle School Student Suspended for Deleting
An Ohio middle school student allegedly broke into a school computer
and deleted files related to a computerized student reading program.
He is currently under a 10-day suspension; his parents and school
administrators are discussing the possibility of his expulsion.
The school district is investigating the possibility that other
students were involved in the incident.
March 2004 - Netsky-L and Netsky-M Worms Discovered
Find out about the most recent versions of the Netsky worm which
have been discovered.
March 2004 - US Internet Firms Take Action Against Spammers
AOL, Earthlink, Microsoft and Yahoo are taking legal action against
over 100 of the world's most prolific
March 2004 - ISPs File Suits Against Spammers Under Can-Spam Act
America Online, Earthlink, Yahoo and Microsoft are filing lawsuits
against hundreds of alleged spammers under the recently passed
Can-Spam Act. The complaints allege the defendants sent deceptive
marketing e-mail messages, used open proxies and did not provide
March 2004 - Comcast Cracking Down on Zombie Spam Relays
Comcast has been contacting customers whose computers have been
hijacked and used as zombie spam relays; in some cases Comcast
has cut off service. The company is also helping affected customers
secure their computers.
March 2004 - OMB Finds Agencies Lagging in FISMA Compliance
An Office of Management and Budget (OMB) review of nearly 8,000
agency computer systems found that just 62% have been certified
and accredited by an inspector general or a third-party entity.
The OMB had set a goal of having 80% of systems certified by December
2003. Only 78% of systems evaluated had undergone risk assessment
and 73% have up-to-date IT security plans. OMB will require agencies
to address these problems before they're allowed to spend money
on development, enhancement or modernization in fiscal 2004. Despite
having missed OMB targets, agencies did improve in each of the
seven categories OMB evaluated.
4 March 2004 - Researchers Find Spyware in 5% of PCs Connected
to University Network
A study conducted by computer scientists at the University of
Washington in Seattle found that just over 5% of computers connected
to the university's network contained one of four specific spyware
They estimate that the real world figure may be larger because
students are more tech savvy than ordinary home users and because
there are more spyware programs than just the four the study searched
for. The researchers also discovered that two of the programs
could be exploited to run unauthorized code on the computers.
March 2004 - Phishing Scheme Gets More Subtle
An especially artful phishing scheme aimed at Westpac on-line
banking customers even goes so far as to include an oft-repeated
caveat: the bank will never ask for personal or log-in details
in e-mail. The link in the phony e-mail opens a fake Westpac
website in front of the
real Westpac site. Customers are instructed to log on to the site
and "verify their credentials." After the information
has been entered, the customer receives a phony error message
and is sent to the bank's actual web site.
March 2004 - Earthlink Will Test E-Mail Sender Authentication
Earthlink plans to start testing technology to reduce the amount
of spam and malicious e-mail its users receive. http://www.computerworld.com/printthis/2004/0,4814,90746,00.html
March 2004 - SPYBLOCK Act Takes Aim at Spyware
Three US Senators have introduced the Software Principles Yielding
Better Levels of Consumer Knowledge (SPYBLOCK) Act which would
make it illegal to download software onto people's computers from
the Internet without their permission, and would require companies
that offer software for downloading to disclose what their programs
do and what type of information they collect. Advertisements generated
by spyware would have to be clearly labeled as such. Furthermore,
the proposed legislation would allow states to sue violators in
federal court and the FTC to impose fines and civil penalties.
March 2004 - Survey: Viruses and Attacks Up 25% at UK Companies
The UK's Department of Trade and Industry will publish a survey
showing that half of UK businesses fell victim to viruses or distributed
denial-of-service attacks last year, a 25% increase over last
year's statistics. http://news.zdnet.co.uk/0,39020330,39147959,00.htm
1 March 2004 - Companies Opt for Off-the-Shelf Compliance Products
Large companies seeking to comply with Section 404 requirements
of the Sarbanes-Oxley Act are choosing off-the-shelf products
in lieu of developing their own, in-house software. The companies
say they save time and money by purchasing the software; the vendors
will customize and maintain the products. The Securities and Exchange
Commission (SEC) has granted a one-year extension on compliance
for companies that meet certain criteria.
1 March 2004 - Outcome of Password-Sharing Case is Cause for
A federal court ruled that Berkshire Information Systems violated
the Computer Fraud and Abuse Act when it obtained a password and
userid from a competitor's client and used it to access the competitor's
network. The author of this article questions the interpretation
of "damage" in this case.
26 February 2004 - Student Charged with Breaking Into Roommate's
Iowa State University student Nicholas Jensen has been charged
with breaking into his former roommate's e-mail account and sending
phony messages to people under the roommate's name. If convicted,
Jensen could face fines and a three-year prison sentence.
February 2004 - F-Secure Apologizes for Sending Virus
Anti-virus company F-Secure has e-mailed an apology to customers
who were inadvertently sent the Netsky.B virus through an e-mail
list. F-Secure director of anti-virus research Mikko Hypponen
said the company has taken steps to guard against a repeat of
the event; the e-mail list should not have been accepting external
e-mails and the problem has been corrected.
24 February 2004 - Cyber Crime Costs UK Companies Billions
The results of a survey conducted by the UK's National Hi Tech
Crime Unit (NHTCU) estimate that cybercrime cost British companies
billions of pounds last year. The financial sector was hit most
Although 83% of the 201 companies participating in the survey
said they had been affected by cybercrime in 2003, less than 25%
of the companies reported the incidents to police. More than 25%
of the companies do not conduct regular security audits.
24 February 2004 - Bill Gates Announces Security Improvements
In his keynote address at the RSA conference today, Microsoft's
Bill Gates sounded like a "born again" security advocate,
and he announced some surprisingly useful new capabilities. Examples:
firewalls turned on by default in XP SP2 and firewalls that ask
the user for permission to open a port when an application needs
it open, and automatically close the port after the application
finishes its job. Many other valuable features are listed in the
February 2004 - Reports of MyDoom-F Worm on The Rise
The MyDoom-F worm is poised to launch denial of service attacks
against websites belonging to Microsoft and the record industry.
Sophos has been protecting against this worm since 20 February,
so ensure you are properly defending your networks now. http://www.sophos.com/virusinfo/articles/mydoomf.html
February 2004 - Former ViewSonic Employee Gets Prison Sentence
for Wiping Out Data
Former ViewSonic employee Andrew Garcia has been sentenced to
one year in prison for breaking into the company's computer system
and wiping out critical data two weeks after he was fired.
February 2004 - Missouri Bank Sent Unencrypted Customer Data to
Southern Commercial Bank, which is based in St. Louis, Missouri,
may have compromised the privacy of 40,000 customers when
it sent unencrypted personal data, including bank account and
social security numbers, to an independent programmer. A branch
bank VP sent the information in an attachment; the Missouri Division
of Finance is investigating the case.
February 2004 - Minnesota Man Charged with Breaking Into USPS
Joshua Linsk of Minneapolis has been charged with breaking into
and damaging a US Postal Service web server. Linsk also allegedly
broke into another computer at a different organization to obtain
credit card numbers. If convicted, Linsk could face a prison sentence
of up to 15 years and/or a fine of as much as $500,000.
February 2004 - Judge Rules DVD-Copying Products are Illegal
A federal judge in California has ruled that 321 Studios' DVD-copying
products are illegal, and gave the company seven days to stop
distributing the products in question. The judge wrote that federal
law makes selling such products illegal despite consumers' rights
to make personal copies of movies they have purchased. 321 Studios
plans to ask for an emergency stay that would allow their products
to remain on store shelves while appealing the judge's ruling.
February 2004 - Phishing Attacks Increased by 50% in One Month
The Anti-Phishing Working Group found that there were 52% more
phishing attacks in January 2004 than in December 2003. 40% of
the attacks used the guise of the financial sector; 34% pretended
to be retailers. http://www.ecommercetimes.com/perl/story/32906.html
February 2004 - Phishers Target National Australia Bank Customers
Phishers have sent e-mails that purport to be from National Australia
Bank (NAB) and lead users to a site that tries to collect their
Australian National ID and Internet banking passwords. The URL
for the phony site has been blocked.
February 2004 - Audit Finds Sensitive Data on Discarded North
Carolina State Government Computers
The North Carolina state auditor's department found sensitive
data on the hard drives of used state government computers that
had been sent to the Surplus Property Agency for sale to the public.
The data they found included social security numbers, bank account
numbers and passwords that would allow access to the state computer
network. The review was the first conducted following a 2002 requirement
that agencies erase data from their computers before submitting
them to the Surplus Property Agency.
February 2004 - Phony Police E-Mail Tries to Get Keystroke Logger
Onto People's Computers
The Australian High Tech Crime Centre has warned people that cyber
criminals are sending out e-mails that claim to be from the federal
police and suggesting that they are under investigation. The links
that purport to provide further details actually install keystroke
loggers on users' computers. http://australianit.news.com.au/articles/0,7204,8707873^15319^^nbv^15306,00.html
February 2004 - CA Employment Development Dept. Computer Security
After a state agency computer's security was compromised, the
California Employment Development Department sent letters to people
whose personal information was on the affected computer, telling
them their data may have been viewed by an intruder. There is
no evidence that any personal information was accessed or abused.
However, a California law enacted last summer requires that people
be informed in the event of a computer security breach involving
unencrypted personal data. http://news.com.com/2102-7355_3-5158936.html?tag=st.util.print
12 February 2004 - FTC Warns that Anti-Spam Site is Not Affiliated
The US Federal Trade Commission (FTC) issued a press release warning
people that http://www.unsub.us, a web site that promises to reduce
spam, is not affiliated with the government and could potentially
result in an increased volume of spam for those who submit their
12 February 2004 - Flaw in Ticketmaster Site Exposed Customer
Australia's Ticketmaster 7 web site contained a flaw that allowed
visitors to view other customers' information. Ticketmaster 7
says it has closed down the service, which allowed people to view
other people's personal information simply by changing numbers
in a URL.
February 2004 - Study Shows Companies Feel Spam is a Significant
A study on the effects of spam on organizations commissioned by
Network Associates found that 90% of companies surveyed believed
spam makes them more vulnerable to security threats. 97% of the
companies felt that antispam technology should be part of their
February 2004 - South Korea Spammers Fined
South Korea's Fair Trade Commission has fined 25 spammers between
1 million and 7 million KRW ($860-$6020 USD) for violations of
the E-Commerce Consumer Protection Law.
6 February 2004 - Music Industry Investigators Raid KaZaA Offices
Music Industry Piracy Investigations, an industry-owned group,
raided the offices of peer-to-peer network KaZaA to gather evidence
in a music piracy copyright breach case. They also raided the
offices of Sharman Networks, KaZaA's parent company, as well as
the homes of two company executives, several universities and
service providers. http://www.wired.com/news/print/0,1294,62192,00.html
5 February 2004 - Man Pleads Guilty in PayPal Phishing Case
Alec Scott Papierniak of Minnesota has pleaded guilty in federal
court to wire fraud; he admitted to using a phishing scheme to
steal funds from PayPal customers and to sending keystroke-logging
software to some of his victims. Papierniak has agreed to pay
restitution; he will be sentenced in May.
February 2004 - Treasury Dept Warns of Fraudulent Fee Notices
and Phishing Scheme
The US Treasury Department has issued an alert, warning of two
"fraudulent schemes." The first is a phishing scam,
which has already generated some press; in the second, bank customers
"ANTI-TERRORIST STOP ORDER letters" telling them they
must pay a $25,000 fee for a certificate in order to conduct further
February 2004 - Chinese Government to Crack Down on Spam
Chinese government ministries are working together to fight spam;
the government hopes that by June, 90% of the country's e-mail
servers will have measures in place to prevent spam. The government
is especially concerned with spam's potential for distributing
pornography and subversive political material.
February 2004 - Mobile Phone Spam a Growing Problem in Asia
Spammers are increasingly targeting mobile phone users in Asia.
DoCoMo is taking measures like blocking messages that don't have
specified recipients; it has also cut off more than 2,000 lines
for spam abuse and in some instances has sought damages.
January 2004 - University of Georgia Server Security Breach Under
Federal and state officials are investigating a security breach
of a server at the University of Georgia. The intruders could
possibly have gained access to the social security and credit
card numbers of individuals who applied to the university since
August 2002. There is as yet no evidence that the information
has been used; the server was apparently being used to probe other
systems for potential attacks.
January 2004 - Microsoft and SCO Offer $250,000 Rewards for Mydoom
Microsoft and SCO are each offering a $250,000 reward for information
leading to the arrest and prosecution of the worm's author. Mydoom.B
also apparently blocks infected computers from accessing web sites
that could help them by overwriting host files and pointing them
to non-existent IP addresses.
January 2004 - Warner Bros. Files Suit Against Man For Alleged
Role in Film Piracy
The Warner Brothers film studio has filed a lawsuit against Carmine
Caridi, the Academy of Motion Picture Arts and Sciences member
who allegedly sent screener copies of films to a man in Illinois,
who subsequently digitized them and put them on the Internet. Ten
other unnamed defendants listed in the suit are alleged to have
been involved with a scheme to distribute movies on the Internet.
January 2004 - Former Microsoft Employee Convicted and Sentenced
for Software Theft
Former Microsoft employee Wilson Delancy has been sentenced to
21 months in prison and ordered to pay $4 million in restitution
for his part in a software theft and reselling scheme.
January 2004 - MyDoom Virus Spreading Rapidly - Targets SCO
The MyDoom virus is spreading rapidly in part because of its effective
social engineering. It masquerades as a technical email from someone
known to the victim, then spreads rapidly, installs a back door
and begins to attack SCO.com.
January 2004 - FDIC Warns of Phishers Preying on Terrorism Fears
The Federal Deposit Insurance Corporation (FDIC) issued an advisory
last week warning that phishers have been sending out e-mails
telling people that their FDIC bank account deposit insurance
has been suspended as a result of an investigation conducted under
the USA-PATRIOT Act. People are told that their accounts will
lose FDIC protection unless they provide their account details
for verification. The phishers have exploited a known Internet
Explorer vulnerability that allows them to spoof web sites; while
the link appears to lead to an FDIC site, it actually leads to
a server in Pakistan.
January 2004 - Filters Force Spammers to Use Gibberish
Though the incidence of spam may not be decreasing, the coherence
of the messages is definitely decreasing. Spammers who wish to
evade filters must garble their messages; most people are unlikely
to open e-mail with subject lines full of gibberish.
[SANS editor's note: My p.r.e.d.i.c.t.i.0.n. is that spa8mmers
will have to f1nd 0ther v3nues s00n. E-m8il, as a batch service,
is too 3asy to add pr0cessing into its d8ta path. L00k f0r future
to f0cus on inst8nt messag3ing and p33r to p33r.]
January 2004 - Dumaru Worm Poses As Photograph But Steals Online
Sophos technical support has advised customers about the Dumaru-Y
worm which poses as an emailed photograph, whilst really attempting
to steal online banking details.
January 2004 - Alleged Movie Pirate Arrested
FBI agents have arrested Russell Sprague of Illinois for allegedly
using the Internet to distribute screener versions of films that
were intended for the members of the Academy of Motion Picture
Arts and Sciences (AMPAS). The screener films have been traced
back to an AMPAS member who is a friend of the suspect and who says
he believed Sprague was just someone who enjoyed watching movies.
January 2004 - Banks Warn Customers About Phishing Scams
With phishing scams on the rise, banks are warning their customers
to be wary of suspicious e-mail, especially if it guides them
to a site that asks for personal details that could be used by
12 January 2004 - Trojan Wrapped In Phony XP Service Pack
A new Trojan called Xombe was being circulated Friday morning.
The malicious code arrives in an e-mail purporting to be a Windows
XP service pack mailed from the Microsoft domain.
January 2004 - Mimail-P Promises Prize, Steals Information
The latest Mimail variant was detected Wednesday. Like other variants,
it targets PayPal customers and tries to steal credit card and
Social Security numbers.
January 2004 - Adobe Adds Anti-Counterfeiting Technology
At the request of government regulators and bankers, Adobe has
added anti-counterfeiting technology to its Photoshop graphics
software. The code came from the Central Bank Counterfeit Deterrence
Group, which represents banks in many Western European countries,
Japan, the UK, the US and Canada. Adobe admitted it had added
the software only after a customer complained about the program's
behavior when he tried to open an image of a $20 bill. People
are displeased that a private company is acting as an agent for
governmental powers.
January 2004 - Australian Police Investigating Internet Banking
Australian Federal Police are investigating a scheme in which
cyber thieves are using Trojan horse programs to steal people's
banking details and transfer money out of their accounts. The
people who were targeted had used computers with inadequate anti-virus
January 2004 - Almost Half of KaZaA Files Contain Malware
Research from TruSecure, a company specializing in risk management,
found that 45% of files downloaded from KaZaA contained malware.
TruSecure senior analyst Bruce Hughes encourages companies to
educate their employees about the security risks involved in peer-to-peer
January 2004 - Phony FBI e-Mail Contains Malware Attachment
Some people have been receiving e-mail messages purporting to
be from the FBI and informing them that they will be indicted
on charges of illegal downloading. The e-mail includes an attachment
that claims to be the evidence taken from their computers but
which really contains
malware. Closer examination of the e-mail message reveals grammatical
and factual clues that it is not authentic.
January 2004 - RIAA Lawsuits Spur Downturn in Downloading
Research from the Pew Internet and American Life project found
that the number of people who downloaded music from the Internet
fell from 35 million in the spring of 2003 to 18 million in a
four-week period in early winter 2003. The Recording Industry
Association of America's (RIAA) approximately 400 lawsuits filed
against people who had illegally downloaded music is a likely
reason for the decline. In addition, use of peer-to-peer file
sharing networks such as KaZaA and Grokster fell significantly
over the past year. http://news.com.com/2102-1027_3-5134691.html?tag=st_util_print
(Webmaster note - although drastic in nature, the RIAA actions
have done wonders for awareness of copyright law)
January 2004 - Social Discovery Sites' Security Lacking
Social discovery web sites are gaining popularity, but tend to
place performance over privacy and security concerns. One's login
page sends passwords in the clear; another uses unique session
IDs, which are easily defeated. Intruders on these sites prey
on others' reputations.