CFS April04.qxd
07/04/2004
12:30
Page 1
(Black plate)
April 2004
London Police to form intelligence cell with companies Security for profit — 4 Domain security — 17
Editor: Sarah Hilley Editorial Advisors: Peter Stephenson, US; Silvano Ongetta, Italy; Paul Sanderson, UK; Chris Amery, UK; Jan Eloff, South Africa; Hans Gliss, Germany; David Herson, UK; P.Kraaibeek, Germany; Wayne Madsen, Virginia, USA; Belden Menkus, Tennessee, USA; Bill Murray, Connecticut, USA; Donn B. Parker, California, USA; Peter Sommer, UK; Mark Tantam, UK; Peter Thingsted, Denmark; Hank Wolfe, New Zealand; Charles Cresson Wood. Bill J. Caelli Editorial Office: Elsevier Advanced Technology, PO Box 150 Kidlington, Oxford OX5 1AS, UK Tel: +44-(0)1865-843645 Fax: +44-(0)1865-843971 Email:
[email protected] Subscription Price for one year: (12 issues) US$833/¥102,240/769.00 including first class airmail delivery subject to our prevailing exchange rate Price valid to end of 2003 Subscription Enquiries: Orders and Payments: For customers residing in the Americas (North, South and Central America): Elsevier Journals Customer Service 6277 Sea Harbor Drive Orlando, FL 32887-4800, USA North American customers: Tel: +1 (877) 839-7126 Fax: +1 (407) 363-1354 Customers outside US: Tel: +1 (407) 345-4020 Fax: +1 (407) 363-1354 Email:
[email protected] For customers in the rest of the World: Elsevier Science Customer Support Department PO Box 211, 1000 AE Amsterdam, The Netherlands Tel: (+31) 20-3853757 Fax: (+31) 20-4853432 Email:
[email protected] To order from our website: www.compseconline.com
Publishers of Network Security Computers & Security Computer Fraud & Security Computer Law & Security Report Information Security Technical Report
Contents Analysis London police to form intelligence cell with companies 1
The London Metropolitan police is setting up a covert unit with corporations to share intelligence about cybercrime. Speaking at the Computer & Internet Crime event in London recently Assistant Commisioner Tarique Ghaffur, head of the Specialist Crime Directorate at the Met said that a better way to quantify the costs of computer crime has to be found. "We will be setting up a covert intelligence cell with industry where information about losses is shared," he said. "Industry doesn't want to share losses, they prefer to sack people," said Ghaffur. This is only a stop gap as sacked offenders will continue to swindle other companies, warned the Assistant Commissioner.
He confirmed that the Met sees examples of habitual offending. "We have seen several examples of infiltration and attacks in banking." And the profile of hackers is changing, "they are more mature, and likely to work in IT these days," he said. So far the Met has some high profile cases under its belt; bringing cases against hackers such as Caffrey, McIllroy and Vallor. Police need information, said DI Clive Blake at the same event. "Disruption" of criminal activities is an alternative approach, that can be pursued rather than prosecution if necessary.
Firewall worm debuts new risks
1
UK post office links to ATM network with Thales’ encryption technology 2 Netsky & Bagle dominate virus top 10 in March 2 Nigerian fraudster jailed
3
EC called on to protect outsourced data 3
News In Brief
2,3
Profitable security Computer security for fun and profit 4
End-user security Using security: easier said than done
6
Phishing The future of phishing
11
Firewall worm debuts new risks A network worm, Witty, that exploits security vendors' Internet Security Systems firewall software has demonstrated a new turning point in malware malevolence warns an Internet analysis group.
Audit
The Cooperative Association for Internet Data Analysis (CAIDA) is concerned about haw rapidly the Witty worm was unleashed after disclosure of the exploited vulnerability. Witty is the fastest emerging worm ever according to CAIDA.
ID Theft
The worm emerged less than two days after the vulnerability was disclosed. It exploits a buffer overflow flaw in ISS RealSecure and BlackICE. Colleen Shannon at CAIDA said, "As the payload of worms is published, more information
The transmutation of GIGO and the cult of assumption 12
Identity theft
14
Getting the Whole Picture Policy domain mapping
17
Events
20