- Email: [email protected]
Military remote controls foil highjackers
issue.qxd
10/1/01
11:20 AM
Page 4
news software, adding, changing, defacing or deleting stored Web pages. Staying with the theme of primary colours, on 1 September, a program named Code Green was posted to BugTraq. It is designed to remove Code Red infections. The author, Herbert HexXer said: “I will not take responsibility for any damage that might be caused by this code. Be sure to have understood the code and it’s purpose before beginning to play with it.” Another piece of patching code Rclean was later posted to the same list. It raises the idea of the viability of automated patching as a viable alternative to the current manual method. Code Blue IIS patch: http://www.microsoft.com/technet/security/bulletin/ms00078.asp, Code Red IIS patch: http://www.microsoft.com/technet/security/bulletin/ms01033.asp.
Anna Kournikova author stands trial The author of the Anna Kornikova virus, Jan de Wit has appeared in court appealing the case to be dismissed. 20 year old de Wit is charged with creating the email worm which is reported to have caused $166 000 in damages according to the FBI. De Wit claims that he should be treated leniently since he had no intention of causing damage and posted the virus to a newsgroup in February: “without thinking and without overseeiung the consequences.”
4
Despite de Wit’s protestations, he may face prison for the offence of spreading data into a computer network with the intention to cause damage. This crime carries a maximum sentence of four years in prison and a fine of 100 000 guilders ($41 300). According to anti-virus software vendor Sophos, the Anna Kournikova email worm impacted service levels all over the world as it spread, although thanks to fast reporting and patching, the effects were not as widespread as first anticipated. de Wit is due to be sentenced on September 27, look out for reports on the result in your October issue of Network Solutions.
immediately because the worm can autolaunch using a known vulnerability in earlier versions of these Microsoft applications Luckily the worm appears to be easily spotted by anti-virus products that have been updated to combat the Code Red worm previously reported here. Meanwhile Microsoft has issued advice on Microsoft has published information on what steps users and businesses should take to ensure their systems are adequately protected against the W32/ Nimda-A virus. The information is available at: //www.microsoft.com/technet /security/topics/Nimda.asp
technology News
Nimda virus hits Yet another worm has hit the headlines. This worm, codenamed Nimda (admin backwards) has been spotted on the Internet and appears to be spreading fast. The worm spreads through an infected email attachment, appears in the users inbox as a blank message. There is no subject line and no message. Attached is a attachment, usually called README.exe and accompanied by a HTML file. If launched the worm attempts to add malicious JavaScript to Web pages on IIS servers. Nimda is spread through Outlook and Outlook Express email clients and anti-virus vendors have rushed to issue warnings to those users who are using old, unpatched version of this software to update their programs
Email surives, buildings crash In a testament to the power of the Internet, New Yorkers have been explaining how email, rather than the phone system allowed them to let relatives know they were safe after the terrorist attrocities on 11th September 2001. Although workers were unable to get through on most phone lines, thousands of emails did manage to find their way to frantic relatives worldwide. Both mobile and landlines were affected by the attack, both from the excessive demands of worried relatives trying to contact workers and the physical aftermath of the collapse of the World Trade Centre. Luckily most ISPs were unaffected by the attack and were able to transmit
messages across the world from those who escaped safely. Mobile lines in New York were particularly badly hit because the main mast for the city was based on top of the World Trade Centre.
Military remote controls foil highjackers The US military is developing technology which will allow it to take control of highjacked planes to prevent future suicide attacks. Remotely piloted vehicles are being tested which will allow the military to gain control of the aircraft, while still in the air, in order to prevent recurrences of the recent US attacks. Dr Simon Bennett, aviation safety and disaster management expert from the University of Leicester’s Scarman Centre commented: “These systems could take the highjackers out of the control loop...Perhaps these technologies could be used as a safety net if you were confident a plane had been highjacked.” Of course these technologies would have to be hackerproof because in the wrong hands, could be devastating, but it is hope that in the future they would prevent this sort of attack. Bennett said: “This technology exists in the military to such an extent that they are confident enough to use it in the field. Maybe a commercial version could be looked at.”
10/1/01
11:20 AM
Page 4
news software, adding, changing, defacing or deleting stored Web pages. Staying with the theme of primary colours, on 1 September, a program named Code Green was posted to BugTraq. It is designed to remove Code Red infections. The author, Herbert HexXer said: “I will not take responsibility for any damage that might be caused by this code. Be sure to have understood the code and it’s purpose before beginning to play with it.” Another piece of patching code Rclean was later posted to the same list. It raises the idea of the viability of automated patching as a viable alternative to the current manual method. Code Blue IIS patch: http://www.microsoft.com/technet/security/bulletin/ms00078.asp, Code Red IIS patch: http://www.microsoft.com/technet/security/bulletin/ms01033.asp.
Anna Kournikova author stands trial The author of the Anna Kornikova virus, Jan de Wit has appeared in court appealing the case to be dismissed. 20 year old de Wit is charged with creating the email worm which is reported to have caused $166 000 in damages according to the FBI. De Wit claims that he should be treated leniently since he had no intention of causing damage and posted the virus to a newsgroup in February: “without thinking and without overseeiung the consequences.”
4
Despite de Wit’s protestations, he may face prison for the offence of spreading data into a computer network with the intention to cause damage. This crime carries a maximum sentence of four years in prison and a fine of 100 000 guilders ($41 300). According to anti-virus software vendor Sophos, the Anna Kournikova email worm impacted service levels all over the world as it spread, although thanks to fast reporting and patching, the effects were not as widespread as first anticipated. de Wit is due to be sentenced on September 27, look out for reports on the result in your October issue of Network Solutions.
immediately because the worm can autolaunch using a known vulnerability in earlier versions of these Microsoft applications Luckily the worm appears to be easily spotted by anti-virus products that have been updated to combat the Code Red worm previously reported here. Meanwhile Microsoft has issued advice on Microsoft has published information on what steps users and businesses should take to ensure their systems are adequately protected against the W32/ Nimda-A virus. The information is available at: //www.microsoft.com/technet /security/topics/Nimda.asp
technology News
Nimda virus hits Yet another worm has hit the headlines. This worm, codenamed Nimda (admin backwards) has been spotted on the Internet and appears to be spreading fast. The worm spreads through an infected email attachment, appears in the users inbox as a blank message. There is no subject line and no message. Attached is a attachment, usually called README.exe and accompanied by a HTML file. If launched the worm attempts to add malicious JavaScript to Web pages on IIS servers. Nimda is spread through Outlook and Outlook Express email clients and anti-virus vendors have rushed to issue warnings to those users who are using old, unpatched version of this software to update their programs
Email surives, buildings crash In a testament to the power of the Internet, New Yorkers have been explaining how email, rather than the phone system allowed them to let relatives know they were safe after the terrorist attrocities on 11th September 2001. Although workers were unable to get through on most phone lines, thousands of emails did manage to find their way to frantic relatives worldwide. Both mobile and landlines were affected by the attack, both from the excessive demands of worried relatives trying to contact workers and the physical aftermath of the collapse of the World Trade Centre. Luckily most ISPs were unaffected by the attack and were able to transmit
messages across the world from those who escaped safely. Mobile lines in New York were particularly badly hit because the main mast for the city was based on top of the World Trade Centre.
Military remote controls foil highjackers The US military is developing technology which will allow it to take control of highjacked planes to prevent future suicide attacks. Remotely piloted vehicles are being tested which will allow the military to gain control of the aircraft, while still in the air, in order to prevent recurrences of the recent US attacks. Dr Simon Bennett, aviation safety and disaster management expert from the University of Leicester’s Scarman Centre commented: “These systems could take the highjackers out of the control loop...Perhaps these technologies could be used as a safety net if you were confident a plane had been highjacked.” Of course these technologies would have to be hackerproof because in the wrong hands, could be devastating, but it is hope that in the future they would prevent this sort of attack. Bennett said: “This technology exists in the military to such an extent that they are confident enough to use it in the field. Maybe a commercial version could be looked at.”