[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips August 22, 2003
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;, mguitonxlt@xxxxxxxxxxx;
- Subject: Clips August 22, 2003
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Fri, 22 Aug 2003 16:37:43 -0400
Clips August 22, 2003
ARTICLES
Guilty plea in Internet music piracy case
Marketers Say They Intend to Join Effort to Fight Spam
Navy cancels purchase cards amid hacker attack
Progress made toward shutting down SoBig servers
Record Computer Infections Slow U.S., Private Work
*******************************
Washington Post
Guilty plea in Internet music piracy case
Florida man, one of 22 convicted, faces prison term
By SUSAN DECKER
BLOOMBERG NEWS
A Florida man who prosecutors say ran a music piracy group called Apocalypse Crew that got advance copies of songs and shared them over the Internet has pleaded guilty to criminal copyright infringement.
Mark Shumaker, 21, of Orlando faces up to five years in prison and a $250,000 fine at his sentencing scheduled for Nov. 7 before U.S. District Judge Gerald Bruce Lee in Alexandria, Va., according to the Justice Department.
Prosecutors said Shumaker is one of 22 people convicted as part of a worldwide investigation to crack down on music piracy, which has been blamed for a drop in sales for companies such as EMI.
Prosecutors are seeking the extradition of Hew Raymond Griffiths of Bateau Bay, Australia, who they say is the self-proclaimed leader of piracy groups including Drink or Die and ViCE.
"This plea shows that those who steal copyrighted music from artists and believe they are doing so anonymously on the Internet are sadly mistaken," U.S. Attorney Paul McNulty said yesterday in a statement.
Prosecutors say Apocalypse Crew got digital copies of unreleased music from radio disc jockeys and employees of music magazine publishers.
The copies were shared on peer-to-peer networks such as KaZaa and Morpheus, according to the U.S. Attorney's Office in Alexandria.
The recording industry is suing to shut down those networks.
Prosecutors said that in 2001, Shumaker coordinated the distribution of the music and operated Apocalypse Crew's private chat channel in which members discussed their activity.
*******************************
New York Times
August 22, 2003
Marketers Say They Intend to Join Effort to Fight Spam
By JOHN SCHWARTZ and JOHN MARKOFF
A new player has joined the effort to protect computer users from spam: the folks who bring you junk mail.
The Direct Marketing Association, which represents about 4,700 companies that engage in marketing directly to consumers, has quietly begun working with federal law enforcement officials, regulators and Internet service providers to develop a high-technology group dedicated to helping shut down the most egregious users of bulk e-mail.
The intent will be "to identify significant spam operators who are violating existing laws, develop the cases and refer them to the appropriate state, federal or international prosecuting authorities," the direct marketing trade group said in a recruiting letter dated Aug. 8.
The campaign, to be called Operation Slam Spam, is seeking a $65,000 "participation fee" from the association's members, according to the letter, which was signed by its chief executive, H. Robert Wientzen.
The move is an attempt to blunt efforts to prod Congress and the states into approving significantly tougher anti-spam laws. In comparison, the direct marketing group supports relatively mild legislation.
The association's letter makes it clear to members that a relatively small upfront investment now may pay off in the long run by allowing them to continue to rely on e-mail as an important marketing tool.
"State and federal lawmakers are focusing on this growing blight and are threatening to enact legislation that could have a significant negative impact on marketers," the letter states.
A spokesman for the Federal Bureau of Investigation, Paul Bresson, said yesterday that the talks with the Direct Marketing Association had been preliminary, but that they were a positive step in the fight against illegal spam.
"We are trying to work with the private sector," Mr. Bresson said. "This is an effort to help build alliances with them to help address this very important problem of illegal activity on the Internet."
Background materials sent with the letter by the marketing association laid out a system of "simultaneous layered approach methodology" (the "Slam" in "Slam Spam") in which the industry would work with the National White Collar Crime Center to provide investigative support and training to the F.B.I., the Justice Department and state and local law enforcement agencies.
Mr. Wientzen said that the proposed group, which he said could be in operation by next month, could help provide the investigative resources and expertise that federal law enforcement agents could not apply to the spam problem.
"Spam is a serious concern, but we understand that the issues of terrorism are more important," he said. "This will allow for an increase in the resources available."
He said that the initiative was in no way an attempt to prevent all spam legislation; his group, he said, supports reasonable and effective legislation that would, for example, require all e-mail advertising to provide recipients with the opportunity to opt out of future mailings, and would require those choices to be honored by marketers. He said that legislation and self-regulation should go hand in hand with enforcement and improvements in technology that would allow spam to be blocked effectively.
Mr. Wientzen said he was worried about some state laws that he called "totally ineffective" and "detrimental to good marketers." Ill-conceived legislation, he said, "really will only hurt the good guy."
The new organization is intended to help law enforcement "identify the bad guys who are responsible for the vast majority of this stuff, and will stop them."
As for whether there is any paradox in the notion of the direct mail industry helping to block unwanted e-mail messages, he said: "I don't think it's at all ironical. It's about us acting to preserve a legitimate marketing channel that people do respond to."
Many of the world's most successful and respected companies, he said, communicate via e-mail messages, and consumers look online for information about shopping and bargains.
Microsoft was one of companies the Direct Marketing Association contacted. Tonya Klause, a Microsoft spokeswoman, said that the new initiative could help in the fight against spam but was "not a panacea."
She added that Microsoft "is very interested in working with the F.B.I. to develop the right method of investigating and prosecuting spammers," but that "at this point the company has not committed to any particular strategy like the D.M.A.'s."
The news comes at what could be a pivotal moment in the spam wars. Congress is expected to consider at least eight different bills when it returns from recess after Labor Day. But the chairman of the Federal Trade Commission, which has taken on the spam issue, expressed doubt this week about the effectiveness of legislation to address the problem.
The F.T.C. chairman, Timothy J. Muris, told an audience at the annual Aspen Summit of the Progress and Freedom Foundation, a free-market-oriented group, that "no one should expect any new law to make a substantial difference by itself." Some proposed measures, like a national do-not-spam registry that would resemble the wildly popular national do-not-call list, would be impossible to enforce, he said.
That kind of talk makes high-tech privacy advocates nervous, said Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington.
"There is overwhelming public support and industry support for effective and that word is very important for effective spam legislation," he said. "Self-regulation has obviously failed when it comes to spam. I suspect giving the marketing association responsibility for controlling the growth of spam is not very high on anyone's list."
*******************************
Government Executive
August 21, 2003
Navy cancels purchase cards amid hacker attack
By Matthew Weinstock
mweinstock@xxxxxxxxxxx
The Navy cancelled all of its purchase cards Thursday after learning that hackers broke into its system, gaining access to 13,000 accounts, according to a news release issued by the Defense Department Purchase Card Program Management Office. As a result, the Navy put a stop on all 22,000 card accounts.
?A DoD team is on site to determine how this happened and what needs to be done to fix the breach,? the release stated. ?A Defense Criminal Investigative team is also on site to pursue the investigation.?
Navy officials are working with its card issuer, Citibank, to open new accounts as quickly as possible. It?s not clear yet if any cards have been used for fraudulent purchases.
?Vendors who accept the purchase card and do business with the Navy should be aware that all card accounts have been cancelled and that Citibank is working quickly to re-establish new accounts and cards. In the meantime, emergency purchases are being handled on a case-by-case basis to fully support Navy requirements,? DoD said in the statement.
Vulnerabilities in the Navy?s purchase card program are not new. Last year, the General Accounting Office found that ?a weak overall control environment and breakdowns in key internal controls leave the Navy vulnerable to potentially fraudulent, improper, and abusive purchases? (GAO-02-1041).
GAO noted, however, that the Navy took some steps to improve the situation, including reducing the number of cards issued from 59,000 in 2001 to roughly 22,000 today. Still, GAO found that some Navy personnel were making personal purchases with their cards. GAO urged the service to more closely scrutinize how and to whom cards are issued. The agency watchdog also suggested that the Navy improve training for purchase cardholders.
*******************************
Government Computer News
Progress made toward shutting down SoBig servers
By William Jackson
Less than an hour before hundreds of thousands of computers infected by the latest Sobig worm were supposed to begin contacting compromised servers for further instructions, most, if not all, of the targeted servers have been shut down.
?A whole bunch of them are no longer available,? said Dan Ingevaldson, engineering manager of the X-Force security service of Internet Security Systems of Atlanta.
A recent scan by Government Computer News of the targeted IP addresses showed no response from 16 of them. Four addresses, three in Canada and one in the United States, appeared to still be available.
Mikko Hypponen, director of antivirus research at F-Secure Corp. in Finland, said shortly after 2 p.m. that all seemed to be shut down.
Sobig.F has infected hundreds of thousands of computers this week through e-mail attachments, and flooded networks in its attempts to replicate. Security firms found an encrypted payload set to activate this afternoon.
The worms are set to synchronize themselves from a Central time source and execute the payload code at 3 p.m. Eastern time, noon Pacific time. Each worm was to contact one of 20 infected computers in the United States, Canada and South Korea and receive a Web address. The infected machines would then download and run a program from that address.
?We put the word out,? Ingevaldson said of the compromised servers. ?We hope that the service providers are filtering or unplugging the machines.? He added, ?Law enforcement may be involved at this point.?
Both the Homeland Security Department and the CERT Coordination Center at Carnegie Mellon University said they were aware of the second-phase SoBig attack and were monitoring the situation but would not comment on specific actions.
The targeted servers seemed to be randomly located home PCs with broadband connections, security officials have said. IP addresses for them are registered to service providers including AT&T Corp., Charter Communications Inc. of St. Louis, EarthLink Inc. of Atlanta, Time Warner Cable Inc. of Atlanta, Comcast Corp. and Sprint Corp. in this country; Bell Canada and Le Groupe Videotron in Canada; and Dacom Boranet in South Korea.
So far there have been no indications of the nature of the instructions or payload the worms were to download.
?Unfortunately, we don?t know what this thing will be that is set to be downloaded,? said Dee Liebenstein, group product manager for Symantec Security Response, a part of Symantec Corp. of Cupertino, Calif. ?That is a mystery to us.?
*******************************
Washington Post
Record Computer Infections Slow U.S., Private Work
By Charles Duhigg
Friday, August 22, 2003; Page E01
Federal agencies reported sluggish or stalled computer systems yesterday and record levels of e-mail interceptions as the spread of viruses that have tangled Internet traffic in the past 10 days slowed somewhat but remained at record levels.
An official at the Department of Homeland Security noted that some agencies were unprepared for the digital infections, in spite of warnings issued by Microsoft Corp. and the department itself last month.
Federal "agencies and commercial organizations have dropped the ball and they're suffering the consequences," said Sallie McDonald, a senior executive with the national cybersecurity division at the Department of Homeland Security.
Computer viruses have spread at an unprecedented rate in the past 10 days, moving faster and more aggressively than in any other period and infecting at least 1 million residential, business and government computers worldwide. Microsoft, whose dominant Windows operating system is the target of the malevolent codes, said yesterday that it discovered two new "critical" security flaws in its Internet Explorer Web browser. This generation of worms has done no irreversible damage, other than slowing communication, overstuffing e-mail inboxes and cutting into productivity, but computer experts worry that will not be the case next time.
Internal computer systems at the Small Business Administration were down for two to three hours yesterday after agency computers were infected by the Welchia virus, said Stephen Galvan, the agency's chief information officer. Officials there decided to shut down the system to immediately install patches to stop the virus. Exterior systems, such as the SBA's Web site, do not use the Microsoft Windows operating system and were unaffected by the worm.
Virus-defense systems at the Department of Commerce have been intercepting record numbers of infected e-mails, according to Tom Pyke, chief information officer for the agency. Pyke said that 40,000 messages infected with the Sobig.F worm had been intercepted before infecting Commerce computers yesterday and that the agency continues to quarantine 500 to 750 e-mails per hour.
A spokesman for the Federal Communications Commission reported individual computer outages related to the worm and some slowing of system-wide operations during the day.
Meanwhile, computer security companies report a slight decrease in the spread of the Blaster, Welchia and Sobig.F worms. MessageLabs, an e-mail security company serving corporations, reported finding Sobig.F in one in every 28 e-mails intercepted by the company yesterday, down from a high of one in every 17 on Tuesday. The decrease is consistent with previous worm patterns, where overall occurrence drops by 50 percent every 24 hours, said Brian Czarny, director of marketing for MessageLabs.
"Even with a 50 percent drop-off, we're still seeing phenomenal numbers," Czarny said. "This virus is going to be out there for a while."
Representatives of computer security company Symantec reported that the worms appear to be tapering off slightly, but not significantly decreasing.
Homeland Security's McDonald said the week's events come as a wake-up call for government agencies.
"These viruses could have been destroying files," she said. "An announcement went out from Microsoft and Homeland Security in July about this vulnerability, and here we are seven weeks later and people are still being hit with it. Those patches could have been installed last month before these attacks began."
Organizations with sensitive data frequently back up their records to avoid potential losses, McDonald said, but but those who don't are at risk of permanently losing records. Many experienced decreases in productivity today when systems were slowed by attacks or brought off line around midday so that patches could be installed.
"Legislation is already in effect placing security regulations on the health industry and financial industries," McDonald said. "If industries and agencies don't start regulating themselves, Congress may put in legislative requirements."
Security experts noted that these worms should also serve as warnings to the public.
"How many corporations have your name and credit card information?" Fred B. Schneider, director of the Information Assurance Institute at Cornell University, said in an interview earlier this week. "There is sensitive data in cyberspace. What we're seeing right now could just as easily be taking that information and sending it to criminals."
*******************************