InfoSec in the News

2001 and earlier

Most of these news stories could have been prevented with an effective security awareness program or they promote the use of security awareness.
Also visit our News Archives for older stories

Subscribe to the following e-mail lists for even more stories:

SANS NewsBites

Security Wire Digest

30 December 2004 - Corporate Executives Engaging in CyberCrime

Corporate America faces a new kind of cracker. Information-technology managers and chief technology officers-the people charged with safeguarding corporate networks-are engaging in acts of digital espionage. In the past two years, a half-dozen cases have hit the courts, charging that technology executives have broken into the computer systems of a rival. Keep the fingers of your competitors off secrets you now store on hard drives and servers.

30 December 2004 - Dutch Regulator Slaps Fines on Spammers
Dutch telecommunications regulator OPTA has imposed large fines on three spammers; the Netherlands banned unsolicited email to consumers in May, 2004. The fines ranged from 20,000 Euros to 42,500 Euros (approximately US$27,000 to US$57,000). One of the scams used SMS (short messaging service) to send mail to mobile phones. People who opened the mail were automatically charged 1.1 Euros (US$1.49). OPTA is coordinating an information sharing effort within the EU to help cut down the volume of
spam; eight of 25 EU member nations have signed up for the program.

28 December 2004 - AOL Reports Significant Drop in Spam Volume
America Online said that it has seen spam drop significantly to its customers. The average number of spam emails blocked daily dropped from 2.4 billion in 2003 to 1.2 billion in late 2004. AOL received 2.2 million spam complaints in November 2004, compared with 11 million in November 2003. AOL users report spam by clicking a "report spam" button. AOL says that anti-spam legislation along with its spam filtering tools are responsible for the decline in volume. Other Internet providers say they have not seen a decrease in the amount of spam on their networks over the past year; this may be attributable to AOL's aggressive stance regarding legal action against spammers.

28 December 2004 - Iowa Man Pleads Guilty in Piracy Case
Jathan Desir, a 26-year-old Iowa man, has pleaded guilty to copyright infringement and conspiracy to commit copyright infringement for his part in a piracy operation that distributed music, games, software and movies over the Internet. Desir will be sentenced on March 18, 2005, and will face up to 15 years in prison. Desir was caught through Operation Fastlink, which aims to curb digital piracy on an international level. http://news.zdnet.com/2102-3513_22-5505610.html?tag=printthis

24 December 2004 - The Dirty Dozen Spamming Countries of 2004
Did you know that over 40% of all spam is sent from innocent third party computers? Find out where the computers are around the world which are spewing out the most spam in this report from Sophos, and how you can ensure you are not adding to the problem.

21 December 2004 - Judge Refuses Guilty Plea in eMail Address Theft Case
US District Judge Alvin Hellerstein refused to accept a guilty plea from Jason Smathers, a former AOL employee who allegedly stole and sold 92 million email addresses to spammers. Despite the fact that Smathers had reached a plea agreement with federal prosecutors, the judge said he was not convinced that Smathers had deceived anyone by his actions. He cannot be prosecuted under the CAN-SPAM Act if he did not intend to deceive anyone.

21 December 2004 - Blood Bank Informs Donors of Possible Personal Data Compromise
A California blood bank has sent letters to donors whose personal information may have been compromised after one of the bank's laptop computers was stolen. The information is protected by a password and a series of steps necessary to open the database. A California law requires organizations to notify customers whose data may have been compromised in the event of a security breach. The company has said it will no longer collect social security numbers from donors and that it will revise the way it "handles computer hardware and other sensitive equipment."

20 December 2004 - Judge Awards Iowa ISP Damages in Spam Cases
A judge in Iowa has awarded a small ISP more than US$1 billion in damages in a default judgment against three alleged spammers. The enormous sum was determined under an Iowa law that levies a $10 fine for
each spam email sent. It is unlikely the plaintiff will recover any of the awarded damages.

17 December 2004 - Lowe's Wardrivers Sentenced
Two men who broke into Lowe's wireless computer network and tried to steal customer credit card numbers have received prison sentences for their crimes. Though Brian Salcedo could have received a sentence of up to 15 years under federal guidelines, his sentence was reduced to 9 years because he helped Lowe's address the security problems he had exploited. Adam Botbyl, an accomplice, received a 26-month sentence to be followed by 2 years of court supervised release. By compromising a Lowe's store wireless network in Southfield, Michigan, the men were able to access to the company's central computer system and other systems around the country. Salcedo's sentence is the harshest ever handed down for a cyber crime in the United States.

16 December 2004 - Phishing Attacks Increase in November
A newly released report from the Anti-Phishing Working group says that phishing attacks were up 29% in November, nearly a third higher than the figure for October. EarthLink and MSN were both highly targeted in November. The US accounted for 27% of phishing sites; China accounted for 21%.

16 December 2004 - Australian Police Allowed to Use Spyware to Gather Evidence
Australian legislators recently passed The Surveillance Devices Act, allowing law enforcement to use backdoor and keystroke-logging programs to gather evidence against suspected criminals. The warrants to use the technology would be granted in cases where the offense being investigated carries a sentence of three or more years. Some critics of the act are concerned that it gives law enforcement too much power; others are concerned that it conflicts with parts of the country's Telecommunications Interception Act. Still others fear that evidence gathered under the act would not be admissible in court, as the computer in question has already been compromised in order to install the spyware.

13 December 2004 - Healthcare Security group to Release HIPAA Compliance Guidelines
The Healthcare Security Workgroup says it will release guidelines to help health care organizations comply with the data security requirements established by the Health Insurance Portability and Accountability Act (HIPAA). The security provisions of the Act take effect in April 2005.

13 December 2004 - Judge Throws Out Maryland's Anti-Spam Law
A Maryland judge has ruled the state's anti-spam law is unconstitutional and tossed out a suit against a New York e-mail marketer, saying the state law seeks to regulate commerce outside Maryland's borders.

13 December 2004 - CAN-SPAM Has Not Reduced Spam Volume
The CAN-SPAM Act, which went into effect nearly one year ago, has had no effect on the amount of spam in people's mailboxes; in fact, spam volume has increased. Part of the reason for its apparent lack of efficacy is that it relies on an opt-out model that is counterproductive. CAN-SPAM has, however, provided a framework to prosecute spammers. The Federal Trade Commission has filed 5 lawsuits under the act, and two states, Massachusetts and Washington have each filed one suit under the act.

10 December 2004 - Man Sentenced to 7 Years in Prison for DirecTV Piracy
Martin Mullen has received a 7-year prison sentence after pleading guilty to conspiracy to violate anti-piracy laws. Mullen apparently ran an organization that sold smart cards that had been tampered with to allow people to view DirecTV without paying. Mullen was also ordered to pay US$24 million to DirecTV and NDS Ltd., the company that makes the smart cards. Interestingly, NDS engineers are working to crack a memory stick that was seized from Mullen when he was arrested; the assistant US Attorney who prosecuted Mullen says the government gave the memory stick and some other evidence to NDS because the government did not have the facilities to analyze the equipment.

8 December 2004 - Digital PhishNet Will Channel Phishing Information to Law Enforcement
A group of ISPs, technology companies, banks and law enforcement agencies have come together to help in the fight against phishing. Called Digital PhishNet, the group's aim is to gather information about phishing schemes as they occur and expedite the process of getting that information to appropriate law enforcement agencies.

7 December 2004 - Trojan Horse Program Pretends to be Lycos Anti-Spam Screensaver
A keystroke-logging Trojan horse program, known as Mdropper-IT, has been circulating on the Internet in the guise of being Lycos Europe's anti-spam screensaver that has recently garnered attention. It arrives as an attachment and steals passwords, usernames, credit card details and other sensitive personal data. Lycos Europe stopped its campaign on December 3, 2004 due to criticism that the screensaver's activities
were responsible for knocking sites offline.

6 December 2004 - Internet Users Concerned About eCommerce and Banking Security
A survey of 5,000 adult Internet users conducted by Gartner found a growing concern with the lack of security on banking and e-commerce web sites. More than 80% of the people surveyed said they would be more likely to purchase from sites that require more than usernames and passwords for account protection. Given choices among additional authentication technologies, respondents favored the simple, such as challenge and response features, over the more complex, such as security software downloads, and multi factor authentication like smartcards and USB tokens.

29 November 2004 - Cyber Attacks Are All About Money: Q&A with FBI's Dave Thomas
Dave Thomas oversees the FBI's counter-terrorism and criminal computer intrusion investigations. He provides a candid picture of what the FBI is seeing in new types of attacks. He talks about who is committing cyber crimes, where they are coming from geographically and what is being done to prevent the crimes. Cyber criminals are increasingly motivated by financial gain rather than mere notoriety. "It used to be about access, but it's all about money now."

19 November 2004 - Phishing Victims Still Learning the Hard Way
A compelling series of three articles about phishing include interviews with nearly a dozen phishing victims underscores the rampant growth of these attacks and what steps are being taken to mitigate the problem. http://www.washingtonpost.com/ac2/wp-dyn/A59347-2004Nov18?language=printer
[Editor's Note (SANS): It is extraordinary that the Washington Post.com journalists were able to find actual victims willing to discuss what happened. Their stories bring the problem to life for readers. If you have security awareness training in your organization, these stories will be great handouts.]

19 November 2004 - New Sober Variant Spreading Rapidly
A new variant of the Sober worm began spreading late last week. Sober arrives in an email attachment and uses its own SMTP engine to spread to other email addresses it finds on the infected computer. Machines running Windows 95, 98, ME, NT, XP, 2000 and 2003 are vulnerable. It places two copies of itself on machines it infects.

17 November 2004 - FTC Alleges Mortgage Companies Violated GLBA
The Federal Trade Commission has issued an administrative complaint against one mortgage company and has reached a settlement agreement with another regarding charges both violated the Gramm-Leach-Bliley Act's Safeguard Rule. The rule requires financial companies to provide reasonable protection for customers' personal and financial data.

17 November 2004 - Porno Trojan Preys on Sleazy Web Surfers
The Troj/Delf-IT Trojan horse redirects web browsers to a pornographic website. The Troj/Delf-IT Trojan horse lurks in the background on infected PCs, waiting for the user to visit webpages which contain one of various adult phrases in their title. http://www.sophos.com/virusinfo/articles/delfit.htm

15 November 2004 - Spammer's Trial Reveals Mailing List Sources
Over the course of Jeremy Jaynes's trial, details emerged about the spammer's activities. His mailing lists were a stolen AOL customer database and an eBay customer database. He sent out 10 million emails a day on 16 high speed lines. http://www.informationweek.com/shared/printableArticle.jhtml?articleID=52601698

11 November 2004 - UK Online Bank Accounts Put at Risk by Trojan Horse
Security researchers at Sophos have warned of a Trojan horse which helps criminals break into the accounts of British internet banking customers. http://www.sophos.com/virusinfo/articles/ukbanktrojan.html

10 November 2004 - Alleged Phisher Arrested in Boston
Boston police have arrested an alleged phishing scam artist. Andrew Schwarmkoff has been arraigned on counts of fraud, larceny, identity theft and receiving stolen goods. Schwarmkoff, who is alleged to be a Russian mobster, was ordered held in lieu of US$100,000 bail.

8 November 2004 - Bofra-B worm poses as PayPal credit card purchase
Anti-virus experts at Sophos have warned users to be wary of unsolicited emails appearing to come from PayPal, as they may be luring the unwary into being infected by the W32/Bofra-B worm. The worm sends emails pretending to be notification from PayPal of a $175 credit card purchase. Find out what the emails look like now, and ensure you are protected. http://www.sophos.com/virusinfo/articles/bofrab.html

8 November 2004 - BSA to Double Reward Cap for UK Whistleblowers
The Business Software Alliance has announced that it is doubling the maximum reward it offers to people who inform them about UK companies using pirated software. Whistleblowers will now receive 10% of the face value of the software recovered up to GBP20,000.

8 November 2004 - Study Shows IT Security Professionals Will Number 2.1 Million by 2008
A study conducted by IDC projects that the number of IT security professionals worldwide will increase to 2.1 million by 2008, a compound annual growth rate of 13.7% from 2003. In addition, the study found that 93% managers responsible for hiring security staff consider certifications to be important.

8 November 2004 - Internet Scam "Mastermind" Sentenced to Prison
An Australian judge has sentenced Nick Marinellis to at least four years in jail for "masterminding" a Nigerian 419 scam in which he stole approximately AU$5 million (approximately US$3.78 million) from his victims. Marinellis will not be eligible for parole until February 28, 2008.

5 November 2004 - Stolen Computers Contain Wells Fargo Customer Data
Four computers stolen from Regulus Integrated Solutions LLS's Atlanta office contain names, addresses, social security and account numbers belonging to thousands of Wells Fargo student loan and mortgage customers. Wells Fargo has notified affected customers by mail and is offering a free year of its credit monitoring service.

5 November 2004 - DDoS Boss on FBI's Most Wanted List
Saad "Jay" Echouafni, who allegedly hired people to launch distributed denial of service attacks against business competitors, has been placed on the FBI's most wanted list after he apparently skipped bail, possibly fleeing to his home country of Morocco. He is a fugitive from a five-count federal indictment. Five men Echouafni allegedly hired to
orchestrate and conduct the attacks are headed for federal court.

5 November 2004 - Univ of Texas Student Indicted on Fraud Charges for Alleged Data Theft
A federal grand jury has indicted Christopher Andrew Phillips, a former University of Texas student, on charges he broke into the university's computer system and stole personal data belonging to more than 37,000 students, faculty and staff. Phillips's attorney maintains his client had no criminal intent, that he did not use any "hacking tools" and that the school's computer system was not posted with "Do Not Enter" signs.

4 November 2004 - New Phishing Tactic is Stealthy
MessageLabs has reported seeing what could become a new twist in phishing scams. These emails contain a script that, once the email is opened, rewrite host files to automatically redirect users to phishing sites when they attempt to visit legitimate banking sites. Traditionally, phishers' emails have required victims to open an email
and then click on a link to the fraudulent web site. The only banks that have been targeted thus far are three Brazilian banks. Users can protect themselves from this particular attack by disabling Windows Scripting Host.

4 November 2004 - Siblings Convicted of Spamming
Jeremy Jaynes and Jessica DeGroot have been convicted of sending thousands of spam emails to AOL subscribers through the company's servers in Virginia. The jury recommended that Jaynes receive a 9-year prison sentence and that DeGroot, his sister, be fined US$7,500; they will be formally sentenced early next year. A third defendant in the
case was found not guilty.

1 November 2004 - Top ten viruses and hoaxes reported for October
Find out which viruses dominated the charts in the month of October, and which email hoaxes continue to be spotted
by users around the world.

29 October 2004 - Two Oxford Students Suspended for Computer Network Intrusion
Oxford University's Court of Summary Jurisdiction has suspended two students on charges of breaking into the school's computer network. Patrick Foster and Roger Waite wrote of their activities in the Oxford Student newspaper, maintaining they wanted to expose the security weaknesses in the computer system. The two feel the punishment is too harsh and say they will appeal the decision.

28 October 2004 - Secret Service Undercover Investigation Nets 28 Alleged Identity Thieves
A US Secret Service undercover investigation code-named Operation Firewall led to the arrest of 28 people in seven countries on charges of identity theft, computer fraud, credit card fraud and conspiracy. The group allegedly stole 1.7 million credit card numbers and forged numerous identity-related documents, such as licenses, birth certificates and passports. http://www.theregister.co.uk/2004/10/29/operation_firewall/print.html

26 October 2004 - Three Alleged AOL Spammers on Trial in Virginia
Three people are on trial in Virginia for allegedly using false identities to send millions of unsolicited commercial emails to AOL customers. Though the defendants are from North Carolina, the trial is in Virginia the physical location of AOL's servers. Virginia has the harshest anti-spam law in the country; if the three are convicted of the charges against them, they could face up to 15 years in prison.

25 October 2004 - Company Tries to Gain Competitive Edge Through Intrusion
In an example of what attorney Mark Rasch says is a growing trend of cyber intrusion for profit, Getloaded.com accessed information on Truckstop.com's web site, without authorization. Truckstop.com had established a solid business of finding loads for long haul truck drivers so they don't have to make return trips with empty vehicles.
Getloaded.com wanted a piece of the action. Judge Andrew J. Kleinfeld issued an opinion for the United States Court of Appeals for the Ninth Circuit.

25 October 2004 - Average Home User's PC Rife with Spyware, Weak on Security
A survey from America Online and the National Cyber Security Alliance found that the average home user's PC is not as secure as its owner may think. The survey included an inspection of the computers belonging to 329 respondents. Despite the fact that 77% of the participants said they believed they were protected from security threats, two-thirds lacked the combined protection of current antivirus software and a firewall, though 85% do have anti-virus software installed. 72% used their computers to conduct sensitive personal business, such as banking or the transmission of medical information. The inspections of the computers found 80% contained multiple spyware programs, and 20% were infected with a virus.

25 October 2004 - Red Hat Warns of Phony Patch Messages
Red Hat has published a warning about phony security alerts circulating on the Internet; the messages purport to be a Red Hat patch for a critical vulnerability but in fact contain malicious code. Red Hat says all updates from them are digitally signed and that the signature should be verified before anything is installed.

25 October 2004 - Malware Targets Mac OS X
The Opener or Renepo-A malware is a Mac OS X rootkit that includes a keystroke logger and backdoors. Opener is a shell script requiring superuser privileges for installation and is not spreading.

24 October 2004 - Judge Issues Restraining Order Against Alleged Spammer
US District Judge Joseph DiClerico has issued a restraining order against Stanford Wallace, known as the "Spam King," and his companies, ordering them to disable spyware programs. A hearing is scheduled for November 9, 2004.

22 October 2004 - Seoul Government Bans Internet [Instant] Messenger services
The Seoul (South Korea) Metropolitan Government has prohibited its employees from using Internet [instant] messaging, chat services and "connections to harmful Internet sites" in order to guard against information leaks. ("protect internal information")

21 October 2004 - Brazil police arrest over 50 in phishing Trojan investigation
Federal police in Brazil have arrested more than 50 people for stealing money from internet bank accounts with a series of phishing Trojan horses. Allegedly, in the region of $30 million is said to have been stolen from online banking customers.

20 October 2004 - Singapore Likely to Increase Penalties for Piracy
Singapore's parliament is considering amendments to the country's Copyright Act which would impose a maximum sentence of 6 months in jail and a fine of S$20,000 (US$12,000) for people convicted of Internet piracy for the first time. Repeat offenders would face three years in jail and fines of S$50,000 (US$30,000). The amendments are likely to pass in mid-November and become law on January 1, 2005.

19 October 2004 - ID theft, phishing altering online habits
Consumers, increasingly fearful of identity theft, want more security before they'll engage in online banking and other Internet-based services, according to a survey released Tuesday.

19 October 2004 - Man sentenced to 2 1/2 Years in Prison for Accessing Computer Systems
Daniel Baas has been sentenced to 2 1/2 years in prison for breaking into business and law firm computer systems to access legal documents, financial data and other material that he copied for himself. Baas pleaded guilty to unauthorized computer access. Baas is also awaiting sentencing for his role in breaking into Acxiom Corp.'s computer system.

18 October 2004 - 12 Arrests Made in Hong Kong Phishing Scheme
Law enforcement officials have arrested 12 people in connection with a phishing scheme in Hong Kong that allegedly resulted in the loss of HK$600,000 (approximately US$77,000). Six of the suspects have been charged with theft and face sentences of up to 10 years in jail if they are convicted.

16 October 2004 - NZ Health Ministry Official Sentenced to 3 Years in Jail for Cyber Theft
New Zealand Health Ministry employee John Denison has been sentenced to 3 years in jail for breaching the security of the Ministry's banking system and diverting $2.15 million to his own account, established with fictitious documents. Wellington District Court Judge Robert Kerr has suppressed details of Mr. Denison's attack. http://australianit.news.com.au/common/print/0,7208,11087415%5E15331%5E%5E

15 October 2004 - UK Court Charges Four in Large Phishing Scheme
A London court has charged four Eastern European people with phishing, marking the first case in which charges have been brought against people for phishing, according to Britain's National Hi-Tech Crime Unit (NHTCU). The four, who allegedly defrauded banks of a considerable amount of money, are scheduled to appear at a preliminary hearing on October 21.

12 October 2004 - Business Software Alliance Annual Sweep Brings in Millions
The Business Software Alliance's most recent anti-piracy sweep netted more than US$2.2 million in out-of-court settlements with 25 companies. The watchdog group seeks out companies that are using software in violation of licensing agreements and copyright laws. The money will be put toward educational initiatives, such as a campaign aimed at children to discourage them from using peer-to-peer networks for trading copyrighted material. http://news.zdnet.com/2102-3513_22-5406668.html?tag=printthis

12 October 2004 - DOJ Would Like to See Intellectual Property Laws Revamped
The US Department of Justice released a report singing the praises of both the Piracy Deterrence and Education Act, which makes it a crime to use certain file sharing products, and the Induce Act, which would allow lawsuits to be brought against companies whose products "induce" people to illegally trade copyrighted materials. The DoJ report calls for significant changes to US intellectual property law, maintaining that piracy through peer-to-peer file sharing networks is a significant problem.

12 October 2004 - Funner Worm
The Funner worm spreads by sending itself to contacts it finds in Microsoft's MSN Messenger; it then modifies the registry and overwrites hosts file entries.

11 October 2004 - Alleged Spammer Settles Case with Massachustts AG
DC Enterprises and its owner William Carson have settled a case brought by Massachusetts Attorney General Tom Reilly alleging that the company and Carson violated the CAN-SPAM Act and the Massachusetts Consumer Protection Act by sending out unsolicited commercial email that did not provide valid opt-out provisions. The case is the first to be brought under CAN-SPAM in the state of Massachusetts. Carson and DC Enterprises will pay US$25,000 and will cease to violate the CAN-SPAM Act and Massachusetts mortgage broker and advertising laws. http://news.zdnet.com/2102-9588_22-5406062.html?tag=printthis

11 October 2004 - South Korean Police Arrest Prolific Cyber Criminal
The Cyber Terror Response Center of South Korea's National Police Agency has arrested a man who allegedly broke into 1,152 computer systems since March 2003. The man, who has been identified only as Lee, used to work at an information security company. Police are investigating the possibility that he may have sold information he accessed through his break-ins.

4 October 2004 - Malicious JPEG File Posted on Newsgroups

A malicious JPEG file has been posted on some newsgroups; code embedded in the file attempts to exploit a recently disclosed JPEG flaw which could allow attackers to gain control of infected machines.

4 October 2004 - Sony Japan Will Stop Making CDs with Copy Protection
Citing an increased awareness of copyright and piracy issues as well as more stringent laws to punish violators, Japan's Sony Music Entertainment will stop incorporating copy protection into their CDs. It is also probable that customer dissatisfaction with the arrangement factored into the company's decision.

4 October 2004 - North Korea Has Trained 500+ in Cyber Warfare, Says Report
According to a South Korean Defense Ministry report, North Korea has trained more than 500 people in cyber warfare tactics. The cyber troops reportedly went through a five-year training course focusing specifically on infiltrating computers in South Korea, Japan and the US.

2 October 2004 - Yoran Resigns DHS Cyber Security Position
DHS National Cyber Security Division director Amit Yoran has resigned his position as of September 30. Yoran, who held the position for one year, said he has achieved his goals: building the division and US-CERT. Some say Yoran's resignation points to the need to elevate the position within DHS.

30 September 2004 - RIAA Files 762 New Suits
The Recording Industry Association of America (RIAA) has filed against 762 people for allegedly trading music over the Internet and violating copyrights. The defendants are unnamed, identified only as "John Doe" and by an IP address; this allows the RIAA to seek subpoenas that would require ISPs to reveal their customers' names. Individuals at 26
universities and colleges across the country have been named as defendants, but the RIAA has not filed suits against the schools themselves.

[Editor's Note (SANS): See this story for raids on P2P in the island nation of Iceland. Bandwidth usage on the island nation apparently dropped 40% as word of the raids spread.

29 September 2004 - Man Pleads Guilty to Spamming Through Hijacked Wireless Accounts
Nicholas Tombros has pleaded guilty to sending spam through other people's wireless accounts which he accessed without authorization. Tombros pleaded guilty to one felony count; when he is sentenced on December 27, he could face up to six months in jail. The case is believed to be the first criminal conviction under the federal CAN-SPAM Act.

28 September 2004 - Governor Schwarzenegger Signs Anti-Spyware Bill
California Governor Arnold Schwarzenegger has signed a bill which makes it illegal to install spyware on computers without authorization. The legislation would allow people to sue those responsible for installing the software for damages. The bill also prohibits keystroke-logging and software which takes control of others' computers in order to send spam or spread malware. the bill has been criticized for being "toothless."

28 September 2004 - House Passes Piracy Deterrence and Education Act
The US House of Representatives has passed the Piracy Deterrence and Education Act of 2004, which expands the scope of file traders who may be prosecuted for their actions from those who "willingly" share
copyrighted material to those who "knowingly" do so.

28 September 2004 - UCLA Will Warn Students About Copyright Infringement, but Won't Snoop
The University of California at Los Angeles (UCLA) is using a system to warn students who have been identified as pirating copyrighted digital content, like movies and music, but the school has chosen to stop short of actually snooping on the students' activity, saying doing so would violate their privacy.

28 September 2004 - Security violations lead to terminations
The best medicine for those who violate patient privacy is a pink slip and full press coverage, according to the CIO for several prestigious medical institutions.

24 Sept 2004 - Microsoft Files Suits Against Alleged Spammers and Web Hosting Company
Microsoft has filed lawsuits against eight individuals and one web hosting company for their alleged involvement in sending spam. Microsoft attorney Aaron Kornblum said the suit against the web hosting company marks the first time action has been taken against a web host that "caters to spammers."

24 September 2004 - Networked Photocopiers' Content Can Be Exposed on Google
Carefully crafted searches on Google can reveal login details for photocopiers that are network connected; attackers can use the information to see what is being copied. Organization security staff should check Google regularly for cached information on company domain names; Google will remove information if requested.

23 September 2004 - Ernst & Young's 2004 Information Security Survey
Ernst & Young's 2004 Information Security Survey, which includes data from 1,233 organizations, found that most concentrate on external security threats, like viruses and worms, but neglect insider security threats. Respondents named lack of user security awareness the top impediment to information security, yet only 28% of respondents named user education as a top priority for the coming year. Ernst & Young recommends that organizations create a security-conscious environment from the top down, with management leading by example. http://www.theregister.co.uk/2004/09/23/insider_risk/print.html
[SANS Editor Note (Northcutt): A dollar invested in awareness training yeilds far more results than buying yet another security gadget.]

23 September 2004 - BSA Has 700 Active Piracy Investigations in U.S.
Though the incidence of software piracy has dropped from 50% to 33% over the last 10 years, the Business Software Alliance still keeps busy; the software publishers watchdog organization presently has 700 active investigations in the United States. The penalties for companies using pirated software can add up: copyright holders can sue for damages and profits, as well as for statutory damages of as much as US$150,000 per
instance of piracy. http://www.computerworld.com/printthis/2004/0,4814,96109,00.html

21 September 2004 - FDIC Issues Instant Messaging Guidelines
The Federal Deposit Insurance Corporation (FDIC) has issued instant messaging (IM) guidelines which, while intended for organizations within the financial industry, are sensible enough for companies in any industry to adopt. The guidelines include setting up firewalls to block incoming and outgoing public IM traffic, creating rules to block IM delivery and file sharing and deploying strong antivirus and patch management programs.

20 September 2004 - Man Arrested in Connection with Cisco Source Code Theft
UK police arrested a 20-year-old man on September 3 in connection with the theft of Cisco source code. The man was arrested in the wake of raid on several homes; investigators are examining property confiscated during the raids, including a number of PCs. More than 800MB of Cisco source code was posted to a Russian security site in May of this year.

17 September 2004 - Father and Son Sentenced in Software Piracy Case
A criminal court in Stuttgart, Germany has sentenced two men two men on charges of piracy of Microsoft software. Dieter Rimmele received a sentence of three years without parole; his father, Hubert Rimmele, received a 16-month jail sentence and was ordered to perform 100 hours of community service. Several days later, German police arrested four people for allegedly selling pirated software, movies, games and music over the Internet. http://www.computerworld.com/printthis/2004/0,4814,95908,00.html

17 September 2004 - USD87 Million Worth of Pirated Software Seized; 11 Indicted
A two-year investigation has culminated in conspiracy charges being brought against 11 people in what is possibly the largest seizure of pirated software in the US. The software and accompanying documentation have an estimated value of USD30 million, and could be as much as USD87 million. All 11 have been indicted and were scheduled to appear before a judge on Monday, 20 September. If they are convicted, they face federal prison sentences of between 15 and 75 years.

17 September 2004 - FTC Considers Offering Bounties for Spammer Convictions
The US Federal Trade Commission would like to be able to prosecute more spammers, but given the lack of admissibility of much of the evidence they use in identifying spammers, this has proven problematic. What they need is hard, admissible evidence, probably provided by an insider. Such evidence would likely be provided only if there were a bounty program, much like Microsoft's $250,000 bounty for the successful prosecution and conviction of malware authors.

16 September 2004 - Some LANL Employees Lose Jobs, Others Cleared or Demoted
Of the 23 people suspended from their jobs at Los Alamos National Laboratory (LANL) this summer in the wake of an investigation triggered by security problems, four have been fired, one is likely to resign, 7 have been demoted, 10 have been cleared of any wrongdoing and one is still on investigative leave.

15 September 2004 - Phishers Target Gmail Accounts
Some phishers are now trying to steal Gmail accounts. The phishing email informs Gmail users that they can invite friends to sign up for a Gmail account if they fill out a form that includes their Gmail address and password. Gmail accounts are in demand because of their limited availability. Google does send out free invitations for users to send to friends, but all the users need to do is click on a button, rather than providing their personal account information.

15 September 2004 - Man Pleads Guilty in Identity Theft Case
Former Teledata employee Philip Cummings has pleaded guilty to one count each of conspiracy, fraud and wire fraud for his role in an identity theft scheme. Cummings's position at Teledata gave him access to user names and passwords which allowed him and his alleged accomplices to access and download credit reports from all three major credit bureaus. His sentencing is scheduled for January 11; he could receive a maximum prison term of 50 years. Cummings and an alleged accomplice stole more than 30,000 credit reports. Two other alleged conspirators are scheduled to go to trial on November 3.

11 September 2004 - PWC/CIO Magazine 2004 State of Information Security Study
The 2004 State of Information Security study from PricewaterhouseCoopers and CIO Magazine found that North America and Europe led South America and Asia in security and best practice implementation. 64% of the companies surveyed said they expected security spending to increase this year. The study was conducted online in late March and April 2004; more than 8,000 CIOs, CFOs, CEOs, VPs and directors of IT and security from 62 countries responded to the survey.

8 September 2004 - Singapore Bank is Latest Phishing Mark
Phishers have targeted customers of Singapore's OCBC Bank Internet banking service. OCBC said that the phony site which was being used to try to steal customers' account information has been shut down. OCBC has notified the police and the Monetary Authority of Singapore.

8 September 2004 - Savvis Shuts Down Spammers' Service
St. Louis, MO-based Savvis Communications, an international Internet service provider, says it will cancel service for about 40 customers who are known to be using the network to send spam. Savvis made the decision only after pressure from anti-spam organizations. The company had, according to leaked internal memos, known about the problem for several months but had dragged its feet about doing something to remedy the situation because it would feel a financial pinch.

8 September 2004 - House Committee Approves Anti-Piracy and Spyware Measures
The House Judiciary Committee has approved the Piracy Deterrence and Education Act of 2004 which, if enacted, would impose a sentence of up to five years for people convicted of illegally sharing copyrighted music and movies over the Internet. The bill will next head to the House for debate. The committee also approved the Internet Spyware Prevention Act of 2004, a measure which criminalizes the act of placing spyware on people's computers without their express permission.

8 September 2004 - How Hackers Infect PCs To Spread Spam and Steal Money
In a landmark study of the economics and techniques of hackers, two top reporters from USA Today have painted a vivid picture of what is really going on in cyber crime today and how it involves millions of home and business users. This article is the first of two parts. Part One vividly illustrates the problem and ends with the challenge: "Consumer outrage needed." On Thursday, September 9, Part Two shows that the problem will just get worse if vendors and ISPs continue to refuse to do their fair share to reduce the risk.

3 September 2004 - California State University Hard Drive was Probably Thrown Away
The disappearance of a hard drive containing the names, addresses and social security numbers of 23,000 students, faculty and staff at California State University campuses has prompted university officials to contact everyone whose information may have been exposed, as required by a new state law. All those affected received letters though there have been no reports of identity theft; a police investigation concluded that the drive in question was probably thrown away by mistake rather than stolen.

3 September 2004 - Man Receives Three Year Sentence for Software Piracy
Alexander Tobolsky has been sentenced to just over three years in prison for copyright infringement. Mr. Tobolsky sold pirated copies of Intuit financial software over the Internet.

30 August 2004 - Man Enjoined from Spamming Verizon Wireless Customers
Verizon Wireless has won a permanent injunction against a Rhode Island man who allegedly sent a plethora of spam text messages to the company's customers. According to the ruling, Jacob Brown is prohibited from sending any more messages to Verizon Wireless customers.

27 August 2004 - Operation Web Snare Leads to 150 Arrests
Sophos has welcomed the US authorities' firm action against suspected spammers, phishers and other cybercriminals in "Operation Web Snare". Read more about the arrests made so far.

27 August 2004 - Trojans Target British Banking Customers
Experts at Sophos have warned computer users about Trojan horses that try to steal account details from users of a number of British online banks. http://www.sophos.com/virusinfo/articles/tofger.html

27 August 2004 - Australian PM Admits Hiring Son to Send Political Spam to Voters
Australian Prime Minister John Howard admitted he hired his son's company to send out political spam to voters. Some are saying that Howard has violated the country's anti-spam laws. While the laws prohibit the sending of unsolicited commercial email, charities and political groups are exempt. However, Howard's use of his son's company, which is commercial, violated "the spirit, if not the letter of the anti-spam laws," according to opposition spokeswoman Kate Lundy.

26 August 2004 - Study Says Insider Attacks Don't Require Great Technical Expertise
A Secret Service and CERT Coordination Center study of insider attacks at financial institutions found that most attacks did not require much "technical sophistication"; in fact, 87% of the attacks were made using "simple, legitimate user commands." In addition, most attacks were driven by desire for financial gains and were planned -- in 85% of the cases, someone else knew about the plan to launch an attack. The study took into account 26 attacks at financial services providers that occurred between 1996 and 2003.

26 August 2004 - Phishers Target German Banks' Customers
Phishers have begun targeting customers of German banks; there have been reports that customers of Postbank and Deutsche Bank have received phony email messages that try to trick them into revealing account and PIN numbers. No bank customers have lost money though some have come close. Two Postbank customers nearly lost 21,000 Euros between them, but the transactions were caught -- one by a customer and the other by the bank.

26 August 2004 - Winamp Flaw Allows Spyware Onto Computers
Adware makers can exploit a flaw in Winamp to place their stealth programs on people's computers. The problem stems from the fact that Winamp allows skin files to run programs. Winamp is a digital music player made by Nullsoft, an AOL subsidiary. The company is aware of the vulnerability but has not yet come up with a fix. http://asia.cnet.com/newstech/security/printfriendly.htm?AT=39191393-39000005c

26 August 2004 - DoJ Seizes Property in P2P Network Investigation
The Justice Department executed search warrants in three states and seized computers and other equipment as part of a investigation into a peer-to-peer network that was sharing copyrighted movies. music and games. The Underground Network, which is the focus of this investigation, is managed by hub computers that restricted who could participate. http://www.eweek.com/print_article/0,1761,a=134097,00.asp

24 August 2004 - International Effort Breaks Worldwide Piracy Ring
More than 100 people have been arrested worldwide in connection with an on-line piracy ring. The arrests were the result of a cooperative effort between the UK, the US, Australia, Poland and Slovakia. Ring members apparently broke into computers at academic institutions and used their disk space to serve the pirated content. http://www.theregister.co.uk/2004/08/24/anti-piracy_swoop/

24 August 2004 - Former Employee Faces Prison and Fine for Alleged Intrusion
Patrick Angle of Columbus, Indiana has been charged with breaking into the computer system of his former employer, Varian Semiconductor Equipment Associates Inc. Angle allegedly broke into the system when he discovered his contract was going to be terminated, then allegedly deleted source code for software he had been developing. He also allegedly altered log information. Varian was able to recover the lost data from backup systems at a cost of USD 26,455. If he is convicted of the charges against him, Angle could face a ten-year prison sentence as well as a fine of up to USD 250,000 plus restitution.

24 August 2004 - Report Shows Which Countries Export The Most Spam
Sophos researchers have identified which countries are pumping out the most spam. Find out which country is the worst offender, and how innocent unprotected computers are adding to the spam problem.

24 August 2004 - Is Your Webcam Spying on You?
The Rbot-GR worm can take over webcams, and may be secretly spying on you in your home or office. Read more now and ensure you are properly protected.

23 August 2004 - MPAA Files Suits Against DVD Chip Manufacturers for Illegal Sales
The Motion Picture Association of America (MPAA) has filed lawsuits against two DVD-chip manufacturers, Sigma Designs and MediaTek, for allegedly selling chips to companies that are breaking copy protection rules. The products in question include features that are not allowed under the general DVD technology license. Furthermore, selling the chips to those companies violates the terms of the license Sigma and MediaTek had to sign in order to manufacture the chips in the first place.

23 August 2004 - Cyberharassment Q & A
This article defines cyberharassment and cyberstalking, offers advice for avoiding becoming a victim and discusses how current law views cyberharassment and cyberstalking.

23 August 2004 - IM Adoption Slowed by Security, Compatibility Concerns
Businesses are slow to adopt instant messaging due to a lack of interoperability and security concerns, according to the Yankee Group.

20 August 2004 - RIAA Suits Against Individuals Proceeding
The Recording Industry Association of America (RIAA) continues to pursue lawsuits against individuals for copyright violations in which music is illegally downloaded. While people would like to fight the lawsuits, they more often than not find it too expensive and end up settling with the RIAA. Nearly 4,000 people have been sued since the RIAA began filing the suits in September 2003.

20 August 2004 - Study: Organizations Not Taking Mobile Device Security Concerns to Heart
According to a study from Forrester Research, most organizations have not put mobile device management systems in place despite the security threats the devices pose. Of the companies surveyed for the study, only
9% had deployed systems to manage mobile devices; an additional 20% were piloting or planned to deploy a management plan.

19 August 2004 - New AIM Trojan Steals Financial Data
A new variant of Download.ject is threatening AIM users, opening backdoors and stealing financial data.

18 August 2004 - Unpatched PCs Infected In Minutes
New, unpatched and unprotected computers survive only about 20 minutes before being exploited. Last year the survival time was nearer 40 minutes. http://www.gcn.com/vol1_no1/daily-updates/26967-1.html

13 August 2004 - UK Police Warn of Phishing Scam that Uses Key-Logger Trojan
The UK's National Hi-Tech Crime Unit (NHTCU) has issued a warning about a key-logging Trojan horse program that attempts to steal online banking account numbers and PINs. Phishers send out spam email that appears to be an invoice and provides a link for recipients to view more details about the order. The link in fact leads to a site that downloads a Trojan horse program onto vulnerable computers.

12 August 2004 - Teenager Pleads Guilty to Creating and Spreading Blaster-B
19-year-old Jeffrey Lee Parson has pleaded guilty in federal court to creating and distributing the Blaster.B worm one year ago this month. Parson also admitted he added a Trojan horse program to Blaster.B that let him gain access to infected computers. He could face a prison term of up to just over three years when he is sentenced in November, and may also be required to pay millions of dollars in fines. http://www.computerworld.com/printthis/2004/0,4814,95199,00.html

12 August 2004 - Copier Security
As copiers gain functions like the ability to scan, fax and store documents, they become increasingly vulnerable to cyber attacks. Embedded operating systems in copiers make them vulnerable to MSBlast and similar malware. Some copier manufacturers have begun offering security features like firewalls, secure network interface cards and the ability to electronically shred data after it has been stored on the copier's hard disk.

12 August 2004 - eMail Security Companies Say They Will Support Sender ID
A number of email security companies voiced support for Microsoft's Sender ID sender authentication standard and said they would incorporate it into their products. The companies had gathered at a summit requested by the eMail Service Provider Coalition (ESPC) and hosted by Microsoft.

11 August 2004 - MPAA Says Case Shows Copyright Infringement Will Not be Tolerated
The Motion Picture Association of America has reached a settlement in a copyright violation case with 321 Studios over the company's DVD copying software. Citing the expense of fighting lawsuits, 321 Studios ceased operations after the settlement. MPAA views its victory in the suit as a clear message from the courts that copyright infringement will not be tolerated. A Taiwanese site, DVDXCopy2.com, was reportedly offering to sell the software once sold by 321 Studios, but the site was down as of August 12.

11 August 2004 - Illinois College Student Allegedly Downloaded Information from Student Database
Three computers have been seized and three Southern Illinois University Evansville students questioned in connection with a database intrusion. A student allegedly downloaded the names and passport information of 500 foreign students, according to a search warrant filed by university police. The database was established by the university to comply with USA PATRIOT Act provisions. A university spokesman says he expects the university to seek criminal charges. The breach was discovered during
a university Office of Information Technology daily log check. While the system does not allow the alteration of data, it was set up to allow database access without a password.

2 August 2004 - Two Arrested in DVD Piracy Case
US and Chinese law enforcement officials worked together on an investigation that led to the arrest of two US nationals in connection with a DVD piracy ring.

31 July 2004 - Sophos Reveals Top Viruses in July 2004
A report published by Sophos has reveals which viruses and internet hoaxes caused the biggest nuisance last
month. http://www.sophos.com/pressoffice/pressrel/uk/20040803topten.html

31 July 2004 - Alleged Spammer Halted, Assets Frozen
A US District Court judge has issued a temporary restraining order that prohibits Creaghan A. Harry from sending spam and blocks his assets. Harry allegedly sent millions of spam messages advertising human growth hormone products; the Federal Trade Commission received 40,000 complaints about Harry's practices in the first five months of 2004. The FTC filed a complaint against Harry in July, alleging that a number of his actions, including spoofing return addresses and using open proxies, violate the CAN-SPAM Act. Harry has conducted business in Florida under a number of aliases.

31 July 2004 - 70% of Virus Activity Linked to German Teenager
A report published by Sophos has revealed that 70% of virus activity in the first half of 2004 can be linked to the German teenager who admitted writing the Sasser and Netsky worms.

26 July 2004 - Trojan Disguises Itself as Bin Laden Suicide Photographs
Experts at Sophos have warned computer users that a file posing as photographic evidence that Osama Bin Laden has killed himself is in fact infected by the Hackarmy Trojan horse.

23 July 2004 - Treasury Dept. Audit Finds Security Problems at IRS
A report from Treasury Department auditors found that "lax security policies" regarding contractors at the Internal Revenue Service (IRS) placed taxpayer data at risk. Contractors were often provided with outdated systems which were insecure; in some instances, contractor employees were granted root access privileges. The report recommends giving contractors updated workstations and allowing them access with only the minimum required access privileges. The report also noted the lack of documentation that all contractor employees had undergone the necessary background checks. Another report from auditors took the IRS to task over the unauthorized use of PDAs at the agency.

23 July 2004 - Florida Man Charged in Acxiom Corp. Data Theft
Scott Levine of Boca Raton, Florida has been indicted on charges of breaking into Acxiom Corp.'s computer system, stealing personal, financial and company data, and hiding evidence. Levine allegedly stole more than 8 gigabytes of data and caused US$7 million in damages. The information was apparently placed on Levine's company's system and sold to customers; Levine runs Snipermail.com, a bulk mailing concern. Six Snipermail.com employees who were not named in the indictment have reached agreements with prosecutors, some of which will result in guilty pleas. In a separate case last year, Daniel Baas of Ohio pleaded guilty to breaking into Acxiom's computer system.

22 July 2004 - CD Piracy Market More than US$4.5 Billion
A study from the International Federation for the Phonographic Industry (IFPI) indicates that CD piracy was a US$4.5 billion market last year,
approximately 15% of the global recorded music market.

22 July 2004 - Software Pirate Sentenced to 5 1/2 Years in prison
A German judge has sentenced Ralph Blasek to 5 1/2 years in prison for running Europe's largest pirated software ring. Blasek's actions cost
Microsoft US$4.5 million, according to a court spokesman. Blasek's sentence does not include the possibility of parole.

22 July 2004 - Phishers Now Using IM
Some people running phishing scams are now using instant messaging to lure people to their phony sites. Many instant messaging systems use weak authentication schemes.

19 July 2004 - Many Companies Monitor Outgoing eMail
According to research from Forrester Consulting, 44% of large companies in the US employ someone to monitor outgoing electronic communication, and nearly half conduct regular audits of company email. The impetus for the monitoring stems from fears that employees are leaking trade secrets or intellectual property. Smaller companies were more likely to be concerned about attachments and whether or not their company's
communications were in compliance with Sarbanes-Oxley and other such legislation.

17 July 2004 - Missing Sandia Disk Found
A computer disk reported missing at Sandia National Laboratory at the end of June has been found, but officials are not releasing any further details.

16 July 2004 - Microsoft Wins Nearly US$4 Million in Spam and Trademark Suit
The US District Court for the Central District of California has ordered Daniel Khoshnood to pay Microsoft US$3.95 million for trademark infringement, false advertising and cybersquatting. Khoshnood sent out spam messages that claimed an affiliation with Microsoft, but had none.

16 July 2004 - Oxford Univ Students Could Face Suspension and Fines for Computer Intrusion
Two first-year Oxford University students could be fined GBP 500 or suspended from their school for breaking into the university's computer and writing a story about it for a student newspaper. The two say they used a program they obtained on Google to break into university IT systems, view live CCTV and access systems that contained sensitive data. http://www.theregister.co.uk/2004/07/16/oxford_uni_hackers/print.html

16 July 2004 - Adrian Lamo Sentenced for NYT Intrusion
A federal judge has sentenced Adrian Lamo to two years of probation, six months of which will be served in home detention for breaking into the New York Times' computer system. Lamo will also have to pay a fine of
$65,000. http://www.computerworld.com/printthis/2004/0,4814,94600,00.html

16 July 2004 - Identity Theft Penalty Enhancement Act Becomes Law
President Bush has signed the Identity Theft Penalty Enhancement Act, which increases the federal penalty for identity theft from three to five years; it also adds five years to prison sentences for those convicted of using another person's identity to commit terrorism. In addition, the act makes aggravated identity theft a crime; people convicted of using others' identity in the commission of a felony will have an additional two years tacked on to their sentences.

15 July 2004 - California Department of Insurance Suffers Cyber Intrusion
The California Department of Insurance has begun informing nearly 600 people that their personal information was contained on a server that was accessed without authorization. Those affected were in the process of applying for insurance provider licenses. The data on the server was encrypted.

14 July 2004 - PC Stolen from Intuit Office Contained Customer Data
Intuit has informed 47,000 customers that a computer stolen from a company office in Omaha, Nebraska, contained password-protected customer data such as names and credit card information. A company spokesperson says there has been no evidence that any of the information has been used to steal identities; the thieves were more likely after the hardware than the PC's data. The company is offering those affected
three months of free personal information and credit monitoring.

13 July 2004 - Man Allegedly Broke Into Verizon Computers, Posted Passwords on Internet
William Quinn of Eastchester, NY, has been indicted on charges he broke into Verizon Communications computers for the company's Direct Access testing Units (DATU); Quinn also allegedly posted the passwords to the system he had obtained on the Internet along with instructions for using them. Verizon spent US$120,000 to address the problems Quinn allegedly created. If he is convicted on all charges against him, Quinn could face five years in prison and a fine of as much as US$250,000.

12 July 2004 - Former AltaVista Employee Arrested for Allegedly Stealing Source Code
Laurent Chavet, a former AltaVista employee who is currently employed at Microsoft, has been arrested on charges that he stole source code from his former employer after he stopped working there. According to an anonymous source, Chavet had been working on Microsoft's MSN search.

12 July 2004 - UK Teen Charged with Flooding Former Employer with 5 Million eMail Messages
A teenager who was fired from a UK insurance company faces a six-month jail sentence or a fine of as much as 5,000 GBP under the Computer Misuse Act for sending his former employer 5 million email messages.
The company was forced to shut down its web site while it attended to the deluge, and reportedly lost 18,000 GBP as a result.

9 July 2004 - More Classified Data Storage Missing from Los Alamos National Lab
An inventory check at Los Alamos National Laboratory (LANL) last week revealed that two Classified Removable Electronic Media (CREM) items were missing from the facility's Weapons Physics Directorate. The
laboratory director plans to launch a full inquiry. Another classified removable electronic media item was reported missing from LANL in May of this year as well, though that item had been scheduled to be destroyed; the information discovered to be missing last week was to be used in forthcoming experiments.

7 July 2004 - Pirated Software Cost US$29 Billion Last Year, Says BSA
A Business Software Alliance (BSA) survey says that global trade in pirated software was nearly US$29 billion in 2003, about 60% of the US$51 billion in legitimate desktop software sales worldwide.

7 July 2004 - Piracy Ring Cracked in Hong Kong
Hong Kong's Customs and Excise Department says it has broken a large software piracy ring and is trying to freeze the group's assets which are valued at 20 million Hong Kong dollars, or US$2.6 million. Eight people have been arrested but not yet charged.

6 July 2004 - Small Storage Devices Pose Security Threat, Says Gartner
A study from Gartner maintains that iPods and other small, portable storage devices pose a serious security threat to businesses. Not only can they introduce malware into company networks, but they could also be used to steal proprietary information. Gartner advises companies to forbid the use of privately owned storage devices with company machines. http://www.computerworld.com/printthis/2004/0,4814,94319,00.html

30 June 2004 - Top Ten Viruses and Hoaxes for June 2004
Sophos reveals which viruses have been causing the biggest problems in June 2004, and which hoaxes have tried to create havoc. Can you guess which viruses is in the number one position?

30 June 2004 - Hungarian Teen Sentenced for Porn Worm
The teenage author of the Magold worm has been sentenced in Hungary. The worm, posing as an erotic screensaver, was distributed early last year.

28 June 2004 - Phishing Attacks Rise Only Slightly in May
A report from the Anti-Phishing Working Group indicates that the number of phishing attacks in May, (1,197) was 6% higher than the number detected in April (1,100). April's figure marked a %178 increase from March's numbers. The group also noted that because 95% of email fraud schemes use spoofed "from" addresses, an email sender authentication method is needed to stop phishing attacks.

25 June 2004 - House Approves Spyware Bill
The House Energy and Commerce Committee has approved a bill that would require purveyors of software that collects information about computer users to notify the users before it is installed on computers. The bill would also require that spyware be easy to remove and would allow the FTC to impose significant fines for certain practices, like logging keystrokes or stealing identities. A separate spyware bill has been introduced in the Senate. Technology companies have expressed concern that the bill could hinder legitimate applications.

24 June 2004 - Russian Student Convicted on Spam Charges
A Russian teenager is the first person in his country to be convicted of spending spam. The unnamed student receives a one-year suspended sentence and a 3,000 RUR (just over 100 USD) fine for sending an obscene
text message to 15,000 cell phone customers.

24 June 2004 - AOL Employee Arrested for Alleged Theft of 92 Million Screen Names
Jason Smathers, a software engineer working for America Online, has been arrested on charges he broke into the ISP's computer database and stole 92 million customer e-mail addresses which were later sold to spammers. Smathers allegedly used the identification code belonging to another AOL employee to access the data he allegedly stole; his employment duties did not give him access to the customer data. Smathers also allegedly sold the list of names to Sean Dunaway of Las Vegas, who runs an Internet gambling business. Dunaway has also been arrested; both men face maximum prison sentences of five years and $250,000 fines.

23 June 2004 - Four Charged with Unauthorized Access to NC University Campus Police Computers
Police have charged four men for allegedly gaining unauthorized access to North Carolina State University's campus police computer system and posting phony incidents. One of the four allegedly found a password to
a secure area and shared it with the others.

21 June 2004 - Spammers Bypass Outlook 2003 Security
Spammers have discovered how to bypass Outlook 2003's anti-spam security that scans incoming email for language that indicates it could be spam and which also allows users to prevent HTML email from downloading
content from the Internet. The spammers attach an image file to the email and then use HTML code to display the image, which can contain words the filter would otherwise have caught.

18 June 2004 - House Subcommittee Approves Spyware Act
The US House Subcommittee on Commerce, Trade and Consumer Protection has approved the Securely Protect Yourself Against Cyber Trespass Act (or SPYACT), which would impose fines of up to USD$3 million for collecting information, "diverting browsers" and sending certain pop ups to people without express permission. The bill also requires that spyware purveyors inform and obtain consent from users before software is installed.

17 June 2004 - Computer Thieves Caught on Closed-Circuit TV
A closed-circuit television system captured footage of thieves stealing computers from the pathology department of the Royal Shrewsbury Hospital in Shropshire, England. The stolen machines contain eight years worth of confidential patient data. The thieves probably stole the equipment with the intention of selling it rather than harvesting the data, according to a National Health Service spokesman. Police are scrutinizing the tapes for clues. http://www.theregister.co.uk/2004/06/17/hospital_break_in/print.html

17 June 2004 - Coalition Formed to Raise Public Awareness of Phishing
The Federal Trade Commission (FTC), the Better Business Bureau, Visa USA and other organizations have formed a coalition to inform the public about the threat of phishing. The coalition aims to help people understand how to avoid falling into the traps laid by phishers and how and where to report suspicious email messages.

17 June 2004 - Audit Finds Nearly One-Third of PCs Scanned in April Has Spyware
The monthly SpyAudit conducted by EarthLink and Webroot found that almost 134,000 of the more than 420,000 PCs scanned in April contained a Trojan Horse or system monitor, like a keystroke logger, that had been deposited by spyware. The April scans also found "26.9 spyware programs or components per machine."

7 June 2004 - Missing DEA Laptop Contains Information on Investigations and Informants
A Drug Enforcement Administration laptop computer is missing; it contains information on as many as 100 DEA investigations and on DEA confidential informants. An auditor in the Justice Department's Office of the Inspector General reported the laptop had been stolen three weeks ago; after further questioning, he changed his story and said that he accidentally damaged the machine and destroyed it and threw it in a dumpster because he was so embarrassed.

7 June 2004 - IT Security Spending to Rise, According to Study
Spending on information technology security at US companies is predicted to grow to between 8 and 12% of an organization's IT budget by 2006, according to a study from Meta Group.

7 June 2004 - Man Pleads Guilty in Lowe's Wireless Intrusion Case
Brian Salcedo has pleaded guilty to four counts of wire fraud and unauthorized computer access for his role in an attempt to exploit a vulnerable wireless network and steal credit card numbers from Lowe's computer networks. Though Salcedo could face a sentence of up to 18 years, prosecutors are expected to ask for leniency in exchange for Salcedo's cooperation in other related investigations.

4 June 2004 - Researchers Say Worst-Case Worm Could Cost USD50 Billion
According to researchers at the nonprofit International Computer Science Institute (ICSI) associated with the University of California at Berkeley, a worst case worm could cause USD$50 billion in "direct damages": lost productivity and data and the cost of equipment and repair. The researchers modeled a scenario in which a worm that exploited an unpublished vulnerability was released onto the Internet.

4 June 2004 - Unpatched Laptops Pose Threat to Internal Networks
Unpatched laptop computers pose a security threat to computer networks; while some desktop PCs on internal networks may not be patched against recent worms, they are still protected by corporate firewalls. Unpatched laptops could then introduce worms into the organizations' internal networks, causing infections to spread quickly though the unpatched desktops. Unpatched vulnerable new computers contribute to the continued spread of older infections, such as the MSBlast worm.

4 June 2004 - NetSky.P Masquerades as Harry Potter Game
The NetSky.P worm is spreading in large part by exploiting widespread interest in Harry Potter; the worm appears in peer-to-peer networks claiming to be a Harry Potter computer game.

4/3 June 2004 - Korgo Worm Steals Passwords, Credit Card Numbers
The Korgo worm, which exploits the same Local Security Authority Subsystem Service (LSASS) vulnerability as Sasser, opens a back door that allows the installation of a keystroke-logging program used to harvest passwords and credit card numbers.

3 June 2004 - RCMP Arrest Suspected US Government Computer Intruder
At the request of the FBI, Royal Canadian Mounted Police have arrested a man who allegedly broke into a router that is connected to a US Supreme Court warehouse; the individual arrested is also suspected of
compromising a number of computers.

2 June 2004 - Tokyo Police Arrest Disgruntled, Demoted Employee for Alleged Server Intrusion
Tokyo police have arrested a man who allegedly broke into a Takachiho University server after the university demoted him. Royoichi Nakayama allegedly used a password to access the server and read others' mail,
rendering the bulletin board inaccessible. Nakayama was formerly employed by the university as a computer expert, but was transferred to a position as a clerk at the institution's library after the university found him responsible for problems with the computer system's security.

26 May 2004 - Anti-Spam Efforts Come Together
Microsoft has announced that it will merge its Caller-ID for email technology with the Sender Policy Framework (SPF), joining America Online, EarthLink and Google in supporting the specification.

25 May 2004 - CSO Survey Places Cyber Attack Cost at USD$666 Million in 2003
A survey conducted by CSO magazine with "cooperation" from the US Secret Service and CERT/CC found that cyber attacks cost businesses an estimated USD$666 million in 2003. The survey polled 500 executives and found that more than 40% said cyber security incidents had increased between 2002 and 2003. More than 40% also said hackers were their number one security concern; 28% placed insider threats as their number one concern. 36% of those responding say they monitor employees' web use and pertinent activities to guard against internal threats. http://www.securityfocus.com/printable/news/8767

20 May 2004 - Deloitte Survey Shows Security Breaches Increased at Financial Institutions
Deloitte's 2004 Global Security Survey shows that 83% of financial institutions surveyed experienced a security breach in the last year; in the 2002 survey, that figure was 39%. The two technologies receiving the most attention are identity and vulnerability management. 25% of respondents said their security budgets were "flat." Deloitte surveyed senior security officers at the top 100 global financial institutions.

18 May 2004 - Phisher Gets 46-Month Prison Sentence
A Texas federal court judge has sentenced 20-year-old Zachary Hill to 46 months in prison for his role in a phishing scam. Hill stole 473 credit card numbers by sending out email messages pretending to be from AOL and PayPal informing people that their accounts had expired and requesting them to enter the card numbers into his phony web forms. Hill then used the card numbers to make $47,000 in fraudulent charges.

14 May 2004 - Anti-Spammers Infiltrate Spammers' Web Sites; Gain Intelligence
Anti-spam organizations such as Spamhaus, have gained access to web sites run by spammers and have learned that virus writers are using MyDoom, Bagle and other viruses to gain control of computers to sell to spammers. http://www.theregister.co.uk/2004/05/14/spam_club

13 May 2004 - "Survivor" Web Site Has Malicious Code
A website designed to attract fans of the Survivor television series has infected with malicious code. Users who visit the site without adequate virus detection may get infected by three viruses coded into scripts embedded in the site's content. http://news.zdnet.co.uk/0,39020330,39154541,00.htm

13 May 2004 - States Moving To Outlaw Spyware
Utah has already passed an anti-spyware bill and New York and California are both considering such laws. The US Congress is considering several different anti-spyware bills. If enough states pass bills, the case for a national law is strengthened. http://www.washingtonpost.com/wp-dyn/articles/A24746-2004May13.html

10 May 2004 - Security Policies Fail Because They Are Ignored
Security manager reports that security policies are routinely ignored in the real world. Even incident handling policies are ignored, "No one uses these documents. They just sit in a binder on a bookshelf or in a shared disk...." A single page Incident Handling step by step guide reference card he created seems to help.

10 May 2004 - Admitted Sasser Author Arrested
Police say 18 year-old Sven Jaschan of Rotenburg, Germany, has admitted to creating the Sasser worm. The people who came forward with technical evidence implicating Jaschan will receive a $250,000 reward from Microsoft if he is successfully prosecuted. Jaschan is also allegedly the author of some versions of NetSky.

7 May 2004 - Sasser Hits American Express, Delta Airlines, Universities

6 May 2004 - Security Breach at Four UCSD Financial Services Department Computers
The University of California San Diego is informing approximately 380,000 students, alumni, applicants, faculty and staff that their personal details may have been compromised. Four computers at the school's Business and Financial Services Department experienced security breaches. The case is being investigated by campus police and other law enforcement agencies.

6 May 2004 - Stock-Trading Fraudster Gets Prison Sentence
Van T. Dinh has been sentenced to 13 months in prison for computer intrusion and identity theft. Dinh tricked someone with an on-line brokerage account into downloading a Trojan horse program, which allowed Dinh to log the man's keystrokes and steal his account information. Dinh then logged into that account and purchased options that he had placed to sell at an inflated price, hoping to offset a potential loss of nearly $90,000. After he was caught, Dinh pleaded guilty to unauthorized access to a protected computer and securities fraud; he
has also repaid his victim. http://www.securityfocus.com/printable/news/8564

5 May 2004 - Security Incidents Cost Companies Business
According to a study of more than 100 large UK companies and government agencies, those that had experienced a security breach saw a 47% attrition rate in their business-to-business sector. The companies that did not take their business elsewhere spent slightly less with the company than they had been previous to knowledge of the breach.

3 May 2004 - Student Pleads Guilty to Computer Misuse Charges in Theft Case
A Vietnamese student studying computer engineering in Singapore has pleaded guilty to charges of computer misuse for sending friends a keystroke logging program hidden in a game, and using the information he reaped from that program to steal money from another student. Nguyen Van Phi Hung faces a fine of up to SGD$50,000 and a ten-year jail sentence for three of the four charges; the fourth charge carries a maximum fine of SGD$10,000 and a three-year jail sentence.

3 May 2004 - Sasser Variants Spreading
At least three versions of the Sasser worm are circulating on the Internet. Sasser exploits a vulnerability in the Local Security Authority Subsystem Service (LSASS) of certain editions of Windows.

1 May 2004 - IRS Warns of Phishing Scam
The US Internal Revenue Service has issued a warning about a phishing scam that tells people they are the subjects of tax investigation and encourages them to visit a web site and provide personal information such as credit card and Social Security numbers to dispute the alleged allegations.

30 April 2004 - Wireless Phones Vulnerable to Assortment of Attacks
A Times (UK) investigation found that numerous mobile phones used at some of Britain's largest companies were susceptible to a variety of attacks, including downloading text messages and phone lists as well as
manipulating the phones to act as listening devices.

30 April 2004 - The Top Ten Viruses and Hoaxes in April 2004
A single family of viruses dominates the chart of the top threats reported to Sophos in April. Find out which worm is causing the biggest problem as well as which hoaxes are filling email accounts.

30 April 2004 - FTC Brings First Charges Under Can-Spam Act
Federal authorities have charged four Detriot-area men under the Can-Spam Act; this is the first case in which the new law has been invoked. The four are accused of hiding their identities while sending huge quantities of unsolicited commercial email. The FTC has also filed charges against an Australian concern that is allegedly responsible for large quantities of spam in the US.

29 April 2004 - Man Arrested in First UK Phishing Case
British police have arrested a 21-year-old man in connection with a "phishing" attack designed to defraud customers of an online bank.

28 April 2004 - Legislators Plan to Address Spyware
Two anti-spyware bills are being prepared in the US House of Representatives. One bill, sponsored by Representative Jay Inslee (D-Wash.) would charge spyware authors with criminal penalties and allow state attorneys general to bring civil cases. The other, sponsored by Representative Mary Bono (R-Calif.), would ban spyware that does not obtain specific end-user consent and provide a warning before installing; it would also grant the Federal Trade Commission power to create regulations requiring companies to allow spywear and adware to be uninstalled. Both bills would preempt existing state laws.

26 April 2004 - Bagle.Y Spreads Through eMail and Network Shares

23 April 2004 - Phishing Scams Increase, New Tactics Emerge
The number of phishing scams circulating on the Internet has increased dramatically over the last six months. eMail security company MessageLabs detected 279 phishing emails in September 2003; in January 2004 the number grew to 337,050 and fell back to 215,643 in March. Phishers are regularly coming up with new angles to trick people into revealing personal information or allowing Trojans and keystroke loggers to be downloaded onto their machines. The Federal Deposit Insurance Corporation has warned banks about a phishing email that appears to be from the FDIC; this particular scam claims the FDIC has teamed with credit card companies to provide a program that protects those who enroll from credit card fraud.

23 April 2004 - International Piracy Raids Target Warez Groups
Law enforcement officials around the world conducted 120 raids in 10 countries and 27 US states against web sites suspected of distributing pirated software, movies and music . Authorities took down the suspect sites and seized computers; as yet, no arrests have been made.

23 April 2004 - Universities are Looking Beyond Technology to Improve Cyber Security
A cyber security survey conducted by Educause, a group of higher education IT professionals, found that of the 435 schools responding to the survey, two-thirds required anti-virus software on all computers that belong to their institutions, while only one-third of the schools required the same of students' computers. Schools are increasingly looking beyond merely technological fixes to "softer" areas such as involving university administration and developing security policies and procedures.

21 April 2004 - Study: Anti-Spam Technology is Effective
An IDC study indicates that using anti-spam technology can significantly reduce the amount of spam received. The study found that in a company with 5,000 email users, anti-spam systems saved the company more than
$780,000 (USD) and reduced the amount of time employees spent dealing with email by 50%.

19 April 2004 - Spammers Sending Fake Stock Tips
The incidence of phony stock-tip related spam has grown three fold between December 2003 and March 2004.

19 April 2004 - Automated Copyright Notice System Thwarts Content Pirates
The Automated Copyright Notice System (ACNS) allows schools and Internet service providers to restrict or deny Internet access to computer users who have violated copyright on peer-to-peer networks. ACNS has been
tested and is due to go live at the University of California at Los Angeles this week.

16 April 2004 - Fleet Issues New Business Visa Cards After Merchant Security Breach
Fleet Credit Card Services is issuing new Visa business credit cards to a number of customers after learning of a security breach in computers of an as yet unnamed merchant.

16 April 2004 - Former Global Crossing Employee Sentenced
Stephen William Sutcliffe has been sentenced to almost 4 years in prison for posting the home addresses and Social Security numbers of 2,000 Global Crossing employees on the Internet. Sutcliffe, who was fired from the company in September 2001, also posted threats directed at specific employees.

16 April 2004 - Earthlink Audit Service Finds Spyware Items on PCs
Data collected by Earthlink through its free SpyAudit service found an average of 28 spyware items on PCs scanned during a three month period.

15 April 2004 - Program Will Warn Users of Suspected Phishing Sites
Earthlink plans to release a program that will warn users if they click on an e-mail link that directs them to a website that has been reported as a phony. The ScamBlocker program will be available to everyone, not
just Earthlink customers. http://msnbc.msn.com/id/4741973

14 April 2004 - Maryland Legislators Approve Strong Anti-Spam Bill
Maryland state legislators have passed a bill that, if signed by the governor, would cause convicted spammers to face sentences of up to 10 years, fines of as much as $25,000 (USD) and confiscation of their personal assets. It specifically outlaws several deceptive practices spammers use.

14 April 2004 - Sentencing Commission Guidelines for Can-Spam Act
The United States Sentencing Commission has sent Congress guidelines for sentencing those convicted under the Can-Spam Act. The guidelines add penalties for those convicted of sending spam through someone else's
address without permission or who deliberately mask the origin of their messages. The draft guidelines also compare "spam offenses to theft, fraud and property destruction" and could pose unusually harsh sentences
on convicted spammers. http://news.com.com/2102-1028_3-5191651.html?tag=st.util.print

13 April 2004 - Browser-Based Attacks on the Rise
The Computing Technology Industry Association's (CompTIA) second annual report on IT security and the work force found that of 900 organizations surveyed, nearly 37% said they had experienced at least one browser-based attack during the preceding six months, up from 25% in last year's survey. Worms and viruses topped the list of concerns.

13 April 2004 - Sprague Pleads Guilty to Copyright Infringement
Russell Sprague has pleaded guilty to one count of copyright infringement for illegally duplicating movie preview tapes sent to him by a friend who at the time was a member of the Academy of Motion Pictures Arts and Sciences. Sprague could face up to three years in prison.

5 April 2004 - Phishers Exploit IE Hole to Install Keystroke Loggers Surreptitiously
AusCERT released an advisory about a phishing scam that exploits a vulnerability in Microsoft Internet Explorer (IE). The phony e-mail provides a link to what appears to be a legitimate banking site, but which actually downloads a keystroke logging program onto their computers. The person is then redirected to the real bank web site and the keystroke logger collects the personal information entered and sends it to an anonymous mail server.

5 April 2004 - Legal Liability Threat Spurs Companies to Take Action Against
Illegal File Sharing on Networks

Facing the possibility of legal liability for copyright violations, companies are starting to take steps to stop their employees from participating in unauthorized peer-to-peer file sharing activity on company networks. Technologies used to prevent illegal file trading include tools that block access to P2P sites, shut down P2P sessions and prevent P2P programs from running on company networks, limit the amount of bandwidth P2P applications can use, and inspect all packets traveling to and from networks, looking for P2P markers.

2 April 2004 - 8 Million Infected by MSBlast
Data from Microsoft indicates that about 8 million computers were infected with the MSBlast worm and its variants following its August 2003 release. Microsoft was able to track how many times an on line tool that cleans MSBlast and its variants from infected machines was used.

1 April 2004 - Buffalo Spammer Found Guilty
A jury in Erie County, NY, has found Buffalo resident Howard Carmack, a.k.a. the Buffalo Spammer, guilty on charges of identity theft and falsifying business records. Carmack stole identities of two Buffalo area residents and used them to send more than 800 million spam messages. He will be sentenced on May 27, when he will face between three and seven years in prison.

1 April 2004 - Judge Says File Sharers are Not Breaking Canadian Copyright Law
A Canadian Federal Court judge ruled that music file sharers are not breaking Canadian law. Justice Conrad von Finckenstein wrote "the mere fact of placing a copy [of a music file] on a shared directory in a computer where that copy can be accessed via a P2P service does not amount to distribution." The case in question was brought by the Canadian Recording Industry association who sought the identities of 29 Internet users who allegedly shared music files.

1 April 2004 - Software for Detecting Phishing Schemes
The preponderance of phishing scams on the Internet has given rise to software designed to defeat the schemes. For example, eBay has added a feature to its toolbar that has a green light when visiting eBay or
PayPal sites and red light on sites that are known to be phony. It also provides a warning when users enter eBay or PayPal passwords on other sites. Other proposed techniques include personalized password imaging
systems and technology to analyze headers.

29 March 2004 - The Indirect Costs of Security Breaches
Companies that suffer security breaches incur both direct costs, such as lost productivity and overtime pay for those cleaning up the breach's aftermath, and indirect costs, such as loss of customer confidence, lost sales and legal liabilities. A group of researchers at the University of Maryland's Smith School of Business studied the effects of security breaches on the value of companies in the stock market. Problems in which companies' systems were hit with worms, viruses or denial-of-service attacks appeared to have no effect on a company's
stock market value. However, breaches that exposed personal data did appear to have a negative impact on the companies' stock market value.

29 March 2004 - Study: The Effect of Malware on European Small Businesses
According to research from McAfee Security, 22% of Europe's small businesses (those with fewer than 20 employees) have had to temporarily shut down in order to recover from malware attacks. The average cost of cleaning up from the attacks, including lost income, is 5,000 EUR. McAfee's data came from a survey of 500 companies in Italy, Spain, France, Germany, The Netherlands and the UK.

28 March 2004 - Executives Could Face Liability for Inadequate Security
Some security and legal experts say that executives could face civil and criminal penalties for failing to adequately protect their computer networks. A portion of the Sarbanes-Oxley Act requires that executives
vouch for the adequacy of their internal controls; auditors are staring to count cybersecurity among those controls. The Gramm-Leach-Bliley Act has already had similar repercussions; the Federal Trade Commission
(FTC) brought action against drug manufacturer Eli Lilly for inadvertently disclosing e-mail addresses of some of its customers who were using Prozac. In addition, a Maine state panel ruled that Verizon Communications should have known it would be vulnerable to last year's Slammer worm and therefore had to make infrastructure payments to the state even while their network was down.

27 March 2004 - US Lawmakers Address Illegal File Sharing
US legislators are taking aim at people who violate copyrights by sharing music files on peer-to-peer networks. The draft legislation in the House would lower the burden of proof for the Justice Department to "pursue criminal prosecution." It would also impose fines and prison sentences of up to 10 years. A bill introduced in the Senate would allow the Justice Department to introduce civil cases against those sharing files.

26 March 2004 - High-Speed Internet Access Company Customer Data Leaked
High-speed Internet access wholesaler ACCA Network CO. has confirmed that some customer data was leaked in spring 2003. The company says that data on at least 201 customers was definitely leaked, and cannot "rule out the possibility" that data on all 1.4 million present and past customers was compromised.

25 March 2004 - Chinese Government Bans Internet Cafes Near Schools
The Chinese government has banned Internet cafes from operating within 200 meters of residential areas or schools. The government is concerned about young people being exposed to "unhealthy online information."
There are already rules in place prohibiting minors from entering Internet cafes, but many are believed to ignore those rules. China's General Administration for Industry and Commerce (GIAC) has warned that businesses caught flouting the rules would face stiff penalties.

25 March 2004 - Stolen GMAC Financial Services Laptops Contain Unencrypted Customer Data
Two laptops stolen from the car of a GMAC Financial Services employee contained personal data, including names, Social Security numbers and credit scores, belonging to more than 200,000 people. The data is password-protected but not encrypted. GMAC Financial Services is contacting the affected customers, warning them that their personal information may have been compromised and advising them to place fraud alerts on their credit files.

24 March 2004 - California Man Indicted for Placing Keystroke Logger on Employer's Computer
A federal grand jury last week indicted Larry Lee Ropp for intercepting electronic communication. Ropp allegedly installed a keystroke logger on a manager's computer while still employed at Bristol West Insurance
Group/Coast National Insurance Company. Ropp claims he was collecting data under the auspices of the California Department of Insurance in connection with a class action lawsuit against Bristol; the Department
of Insurance maintains it did not authorize Ropp's activity. Regardless of his intentions or affiliations, Ropp's alleged actions were illegal. If convicted, he could face up to five years in prison.

23 March 2004 - RIAA Files More Lawsuits Against Alleged File Sharers
The Recording Industry Association of America (RIAA) has filed lawsuits against 532 individuals, including 89 people at universities across the country, for illegally sharing music files. The individuals in the case are anonymous; the RIAA hopes to uncover their identities through the courts.

22 March 2004 - 30% of Companies Surveyed Had "Serious" Malware Infection in 2003
A study from ICSA Labs found that 30% of the 300 companies surveyed said they had a serious computer virus outbreak in 2003, double the figure for 2002. A serious outbreak was defined as one in which 25 or more PCs were infected with the same virus at the same time. Disaster recovery costs rose to about 100,000 USD per incident in 2003. ICSA content security programs manager Larry Bridwell says that 2004 could be even worse. Everyone must take their responsibilities seriously; companies need to be proactive about network security and employee education, vendors need to provide more secure software and antivirus companies need to develop and use more effective heuristics. http://www.theregister.co.uk/content/55/36443.html

22 March 2004 - Man Pleads Guilty to Phishing Charges
Zachary Hill of Houston pleaded guilty to charges related to a phishing scam that targeted America Online and Paypal customers. Hill will be sentenced on May 17.

22 March 2004 - US Congressman Putnam Questions Agencies About IT Security
During a hearing on information security, Adam Putnam, chair of the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census, chastised government agencies for moving too slowly in their efforts to secure their computer systems. The agencies received a collective security grade of "D" for 2003. Some agencies showed marked improvement; the Nuclear Regulatory
Commission and the National Science Foundation both received individual grades of "A."

22 March 2004 - Asia-Pacific Region Joins in Fighting Spam
The passage of the anti spam legislation in other parts of the world, together with recent legal action brought against spammers by four major Internet service providers (ISP) has inspired Asia-Pacific governments and businesses to examine "measures" they can take to stem spam's tide. Japan already has anti-spam legislation in place; Australia's anti-spam laws take effect in April.

19 March 2004 - Back-Up Tape of Citibank Customer Transactions is Lost
A back-up tape containing a month's worth of Japanese Citibank customer transactions was lost while being transported to a data center in Singapore. The information on the tape included account holders' names,
addresses, account numbers and balances. Citibank intends to inform affected customers by letter.

19 March 2004 - Possible Customer Data Compromise at BJ's Wholesale Club Computer System
Law enforcement agencies and credit card companies are investigating a possible security breach of the BJ's Wholesale Club computer system. The problem was brought to light when credit card companies began
reporting possible fraudulent activity on customers' accounts.

19 March 2004 - Korea Wants to Halve Spam Volume
The Korean government aims to cut the amount of spam in half by the end of 2004. The country's Ministry of Information and Communication (MIC) hit 68 spammers with stiff fines and sent warnings to an additional 127
entities. http://times.hankooki.com/lpage/tech/200403/kt2004031917570311800.htm

18 March 2004 - Only US Receives More Spam than China
According to the Internet Society of China, in 2003, spam accounted for nearly one in every three e-mails received in China. Chinese servers received at least 150 billion spam e-mails last year, placing the country just behind the US in volume of spam received.

18 March 2004 - Task Force Action Plans: Early Warning System, Increased Security Awareness
Two of five task forces formed under the National Cyber Security Partnership have released action plans for improving national cyber security. One of the plans calls for the creation of an early warning system for cyber security events; the other offers cyber security awareness guidelines for home and small-business users. The guidelines have been criticized for being "vendor-driven."

17 March 2004 - Equifax Canada Data Compromised
Equifax Canada has informed more than 1,400 people that the security of their credit files was compromised; the breach apparently narrowly targeted a specific geographic area, raising concerns that the attackers were well-funded, otherwise all of Equifax Canada's database would have been be compromised.

17 March 2004 - Former FBI Analyst Faces Charges of Unauthorized Data Access
Former FBI investigative analyst Jeffrey D. Fudge will face trial in Dallas on felony charges stemming from allegations he accessed FBI data without authorization. Fudge allegedly shared the information he discovered with his family and friends. If convicted of all charges against him, Fudge could face a 50-year prison sentence or a fine of as much as 250 million USD.

14 March 2004 - Alleged Software Pirate Fights Extradition to US
Hew Raymond Griffiths of New South Wales Australia is fighting extradition to the US to face piracy charges. Griffiths is allegedly the leader of the DrinkOrDie piracy group. Several US members of the group have been in jail for as long as four years; others are awaiting trial and sentencing. If Griffiths is convicted in the US, he could
face a 10-year prison term and a 500,000 USD fine.

11 March 2004 - Ohio Middle School Student Suspended for Deleting Student Records
An Ohio middle school student allegedly broke into a school computer and deleted files related to a computerized student reading program. He is currently under a 10-day suspension; his parents and school
administrators are discussing the possibility of his expulsion. The school district is investigating the possibility that other students were involved in the incident.

11 March 2004 - Netsky-L and Netsky-M Worms Discovered
Find out about the most recent versions of the Netsky worm which have been discovered.

11 March 2004 - US Internet Firms Take Action Against Spammers
AOL, Earthlink, Microsoft and Yahoo are taking legal action against over 100 of the world's most prolific
spammers. http://www.sophos.com/spaminfo/articles/legalaction.html

10 March 2004 - ISPs File Suits Against Spammers Under Can-Spam Act
America Online, Earthlink, Yahoo and Microsoft are filing lawsuits against hundreds of alleged spammers under the recently passed Can-Spam Act. The complaints allege the defendants sent deceptive marketing e-mail messages, used open proxies and did not provide unsubscribe directions.

9 March 2004 - Comcast Cracking Down on Zombie Spam Relays
Comcast has been contacting customers whose computers have been hijacked and used as zombie spam relays; in some cases Comcast has cut off service. The company is also helping affected customers secure their computers.

4 March 2004 - OMB Finds Agencies Lagging in FISMA Compliance
An Office of Management and Budget (OMB) review of nearly 8,000 agency computer systems found that just 62% have been certified and accredited by an inspector general or a third-party entity. The OMB had set a goal of having 80% of systems certified by December 2003. Only 78% of systems evaluated had undergone risk assessment and 73% have up-to-date IT security plans. OMB will require agencies to address these problems before they're allowed to spend money on development, enhancement or modernization in fiscal 2004. Despite having missed OMB targets, agencies did improve in each of the seven categories OMB evaluated.

4 March 2004 - Researchers Find Spyware in 5% PCs Connected to University Network
A study conducted by computer scientists at the University of Washington in Seattle found that just over 5% of computers connected to the university's network contained one of four specific spyware programs.
They estimate that the real world figure may be larger because students are more tech savvy than ordinary home users and because there are more spyware programs than just the four the study searched for. The researchers also discovered that two of the programs could be exploited to run unauthorized code on the computers.

3 March 2004 - Phishing Scheme Gets More Subtle
An especially artful phishing scheme aimed at Westpac on-line banking customers even goes so far as to include an oft-repeated caveat: the bank will never ask for personal or log-in details in e-mail. The link
in the phony e-mail opens a fake Westpac website in front of the real Westpac site. Customers are instructed to log on to the site and "verify their credentials." After the information has been entered, the customer receives a phony error message and is sent to the bank's actual web site.

3 March 2004 - Earthlink Will Test E-Mail Sender Authentication Technology
Earthlink plans to start testing technology to reduce the amount of spam and malicious e-mail its users receive. http://www.computerworld.com/printthis/2004/0,4814,90746,00.html

2 March 2004 - SPYBLOCK Act Takes Aim at Spyware
Three US Senators have introduced the Software Principles Yielding Better Levels of Consumer Knowledge (SPYBLOCK) Act which would make it illegal to download software onto people's computers from the Internet without their permission, and would require companies that offer software for downloading to disclose what their programs do and what type of information they collect. Advertisements generated by spyware would have to be clearly labeled as such. Furthermore, the proposed legislation would allow states to sue violators in federal court and the FTC to impose fines and civil penalties.

2 March 2004 - Survey: Viruses and Attacks Up 25% at UK Companies
The UK's Department of Trade and Industry will publish a survey showing that half of UK businesses fell victim to viruses or distributed denial-of-service attacks last year, a 25% increase over last year's statistics. http://news.zdnet.co.uk/0,39020330,39147959,00.htm

1 March 2004 - Companies Opt for Off-the-Shelf Compliance Products
Large companies seeking to comply with Section 404 requirements of the Sarbanes-Oxley Act are choosing off-the-shelf products in lieu of developing their own, in-house software. The companies say they save time and money by purchasing the software; the vendors will customize and maintain the products. The Securities and Exchange Commission (SEC) has granted a one-year extension on compliance for companies that meet certain criteria.

1 March 2004 - Outcome of Password-Sharing Case is Cause for Concern
A federal court ruled that Berkshire Information Systems violated the Computer Fraud and Abuse Act when it obtained a password and userid from a competitor's client and used it to access the competitor's network. The author of this article questions the interpretation of "damage" in this case.

26 February 2004 - Student Charged with Breaking Into Roommate's E-Mail Account
Iowa State University student Nicholas Jensen has been charged with breaking into his former roommate's e-mail account and sending phony messages to people under the roommate's name. If convicted, Jensen could face fines and a three-year prison sentence.

26 February 2004 - F-Secure Apologizes for Sending Virus
Anti-virus company F-Secure has e-mailed an apology to customers who were inadvertently sent the Netsky.B virus through an e-mail list. F-Secure director of anti virus research Mikko Hypponen said the company has taken steps to guard against a repeat of the event; the e-mail list should not have been accepting external e-mails and the problem has been corrected.

24 February 2004 - Cyber Crime Costs UK Companies Billions in 2003
The results of a survey conducted by the UK's National Hi Tech Crime Unit (NHTCU) estimate that cybercrime cost British companies billions of pounds last year. The financial sector was hit most often.
Although 83% of the 201 companies participating in the survey said they had been affected by cybercrime in 2003, less than 25% of the companies reported the incidents to police. More than 25% of the companies do not conduct regular security audits.

24 February 2004 - Bill Gates Announces Security Improvements In Windows
In his keynote address at the RSA conference today, Microsoft's Bill Gates sounded like a "born again" security advocate, and he announced some surprisingly useful new capabilities. Examples: firewalls turned on by default in XP SP2 and firewalls that ask the user for permission to open a port when an application needs it open, and automatically close the port after the application finishes its job. Many other valuable features are listed in the article.

23 February 2004 - Reports of MyDoom-F Worm on The Rise
The MyDoom-F worm is poised to launch denial of service attacks against websites belonging to Microsoft and the record industry. Sophos has been protecting against this worm since 20 February, so ensure you are properly defending your networks now.

23 February 2004 - Former ViewSonic Employee Gets Prison Sentence for Wiping Out Data
Former ViewSonic employee Andrew Garcia has been sentenced to one year in prison for breaking into the company's computer system and wiping out critical data two weeks after he was fired.

22 February 2004 - Missouri Bank Sent Unencrypted Customer Data to Programmer
Southern Commercial Bank, which is based in St. Louis, Missouri, may have compromised customers' privacy of 40,000 customers when it sent unencrypted personal data, including bank account and social security numbers, to an independent programmer. A branch bank VP sent the information in an attachment; the Missouri Division of Finance is investigating the case.

21 February 2004 - Minnesota Man Charged with Breaking Into USPS Server
Joshua Linsk of Minneapolis has been charged with breaking into and damaging a US Postal Service web server. Linsk also allegedly broke into another computer at a different organization to obtain credit card numbers. If convicted, Linsk could face a prison sentence of up to 15 years and/or a fine of as much as $500,000.

20 February 2004 - Judge Rules DVD-Copying Products are Illegal
A federal judge in California has ruled that 321 Studios' DVD-copying products are illegal, and gave the company seven days to stop distributing the products in question. The judge wrote that federal law makes selling such products illegal despite consumers' rights to make personal copies of movies they have purchased. 321 Studios plans to ask for an emergency stay that would allow their products to remain on store shelves while appealing the judge's ruling.

19 February 2004 - Phishing Attacks Increased by 50% in One Month
The Anti-Phishing Working Group found that there were 52% more phishing attacks in January 2004 than in December 2003. 40% of the attacks used the guise of the financial sector; 34% pretended to be retailers. http://www.ecommercetimes.com/perl/story/32906.html

18 February 2004 - Phishers Target National Australia Bank Customers
Phishers have sent e-mails that purport to be from National Australia Bank (NAB) and lead users to a site that tries to collect their Australian National ID and Internet banking passwords. The URL for the phony site has been blocked.

18 February 2004 - Audit Finds Sensitive Data on Discarded North Carolina State Government Computers
The North Carolina state auditor's department found sensitive data on the hard drives of used state government computers that had been sent to the Surplus Property Agency for sale to the public. The data they found included social security numbers, bank account numbers and passwords that would allow access to the state computer network. The review was the first conducted following a 2002 requirement that agencies erase data from their computers before submitting them to the Surplus Property Agency.

17 February 2004 - Phony Police E-Mail Tries to Get Keystroke Logger Onto People's Computers
The Australian High Tech Crime Centre has warned people that cyber criminals are sending out e-mails that claim to be from the federal police and suggesting that they are under investigation. The links that purport to provide further details actually install keystroke loggers on users' computers. http://australianit.news.com.au/articles/0,7204,8707873^15319^^nbv^15306,00.html

13 February 2004 - CA Employment Development Dept. Computer Security Breached
After a state agency computer's security was compromised, the California Employment Development Department sent letters to people whose personal information was on the affected computer, telling them their data may have been viewed by an intruder. There is no evidence that any personal information was accessed or abused. However, a California law enacted last summer requires that people be informed in the event of a computer security breach involving unencrypted personal data. http://news.com.com/2102-7355_3-5158936.html?tag=st.util.print

12 February 2004 - FTC Warns that Anti-Spam Site is Not Affiliated with Government
The US Federal Trade Commission (FTC) issued a press release warning people that http://www.unsub.us, a web site that promises to reduce spam, is not affiliated with the government and could potentially result in an increased volume of spam for those who submit their e-mail addresses.

12 February 2004 - Flaw in Ticketmaster Site Exposed Customer Data
Australia's Ticketmaster 7 web site contained a flaw that allowed visitors to view other customers' information. Ticketmaster 7 says it has closed down the service, which allowed people to view other people's personal information simply by changing numbers in a URL.

11 February 2004 - Study Shows Companies Feel Spam is a Significant Security Threat
A study on the effects of spam on organizations commissioned by Network Associates found that 90% of companies surveyed believed spam makes them more vulnerable to security threats. 97% of the companies felt than antispam technology should be part of their security plans.

9 February 2004 - South Korea Spammers Fined
South Korea's Fair Trade Commission has fined 25 spammers between 1 million and 7 million KRW ($860-$6020 USD) for violations of the E-Commerce Consumer Protection Law.

6 February 2004 - Music Industry Investigators Raid KaZaA Offices
Music Industry Piracy Investigations, an industry-owned group, raided the offices of peer-to-peer network KaZaA to gather evidence in a copyright breach case/music piracy. They also raided the offices of Sharman Networks, KaZaA's parent company, as well as the homes of two company executives, several universities and service providers. http://www.wired.com/news/print/0,1294,62192,00.html

5 February 2004 - Man Pleads Guilty in PayPal Phishing Case
Alec Scott Papierniak of Minnesota has pleaded guilty in federal court to wire fraud; he admitted to using a phishing scheme to steal funds from PayPal customers and to sending keystroke-logging software to some of his victims. Papierniak has agreed to pay restitution; he will be sentenced in May.

4 February 2004 - Treasury Dept Warns of Fraudulent Fee Notices and Phishing Scheme
The US Treasury Department has issued an alert, warning of two "fraudulent schemes." The first is a phishing scam, which has already generated some press; in the second, bank customers receive phony
"ANTI-TERRORIST STOP ORDER letters" telling them they must pay a $25,000 fee for a certificate in order to conduct further transactions.

2 February 2004 - Chinese Government to Crack Down on Spam
Chinese government ministries are working together to fight spam; the government hopes that by June, 90% of the country's e-mail servers will have measures in place to prevent spam. The government is especially concerned with spam's potential for distributing pornography and subversive political material.

2 February 2004 - Mobile Phone Spam a Growing Problem in Asia
Spammers are increasingly targeting mobile phone users in Asia. DoCoMo is taking measures like blocking messages that don't have specified recipients; it has also cut off more than 2,000 lines for spam abuse and in some instances has sought damages.

30 January 2004 - University of Georgia Server Security Breach Under Investigation
Federal and state officials are investigating a security breach of a server at the University of Georgia. The intruders could possibly have gained access to the social security and credit card numbers of individuals who applied to the university since August 2002. There is as yet no evidence that the information has been used; the server was apparently being used to probe other systems for potential attacks.

30 January 2004 - Microsoft and SCO Offer $250,000 Rewards for Mydoom Arrest
Microsoft and SCO are each offering a $250,000 reward for information leading to the arrest and prosecution of the worm's author. Mydoom.B also apparently blocks infected computers from accessing web sites that could help them by overwriting host files and pointing them to non-existent IP addresses.

29 January 2004 - Warner Bros. Files Suit Against Man For Alleged Role in Film Piracy
The Warner Brothers film studio has filed a lawsuit against Carmine Caridi, the Academy of Motion Picture Arts and Sciences member who allegedly sent screener copies of films to a man in Illinois, who
subsequently digitized them and put them on the Internet. Ten other unnamed defendants listed in the suit are alleged to have been involved with a scheme to distribute movies on the Internet.

28 January 2004 - Former Microsoft Employee Convicted and Sentenced for Software Theft
Former Microsoft employee Wilson Delancy has been sentenced to 21 months in prison and ordered to pay $4 million in restitution for his part in a software theft and reselling scheme.

28 January 2004 - MyDoom Virus Spreading Rapidly - Targets SCO
The MyDoom virus is spreading rapidly in part because of its effective social engineering. It masquerades as a technical email from someone known to the victim, then spreads rapidly, installs a back door and begins to attack SCO.com.

26 January 2004 - FDIC Warns of Phishers Preying on Terrorism Fears
The Federal Deposit Insurance Corporation (FDIC) issued an advisory last week warning that phishers have been sending out e-mails telling people that their FDIC bank account deposit insurance has been suspended as a result of an investigation conducted under the USA-PATRIOT Act. People are told that their accounts will lose FDIC protection unless they provide their account details for verification. The phishers have exploited a known Internet Explorer vulnerability that allows them to spoof web sites; while the link appears to lead to an FDIC site, it actually leads to a server in Pakistan.

25 January 2004 - Filters Force Spammers to Use Gibberish
Though the incidence of spam may not be decreasing, the coherence of the messages is definitely decreasing. Spammers who wish to evade filters must garble their messages; most people are unlikely to open e-mail with subject lines full of gibberish.
[SANS editor's note: My p.r.e.d.i.c.t.i.0.n. is that spa8mmers will have to f1nd 0ther v3nues s00n. E-m8il, as a batch service, is too 3asy to add pr0cessing into its d8ta path. L00k f0r future s.p.a.m.m.er.s.
to f0cus on inst8nt messag3ing and p33r to p33r.]

25 January 2004 - Dumaru Worm Poses As Photograph But Steals Online Banking Details
Sophos technical support has advised customers about the Dumaru-Y worm which poses as an emailed photograph, whilst really attempting to steal online banking details.


23 January 2004 - Alleged Movie Pirate Arrested
FBI agents have arrested Russell Sprague of Illinois for allegedly using the Internet to distribute screener versions of films that were intended for the members of the Academy of Motion Pictures Arts and sciences (AMPAS). The screener films have been traced back to an AMPAS member who is a friend of the suspect who says he believed Sprague was just someone who enjoyed watching movies.

12/13 January 2004 - Banks Warn Customers About Phishing Scams
With phishing scams on the rise, banks are warning their customers to be wary of suspicious e-mail, especially if it guides them to a site that asks for personal details that could be used by identity thieves.

12 January 2004 - Trojan Wrapped In Phony XP Service Pack
A new Trojan called Xombe was being circulated Friday morning. The malicious code arrives in an e-mail purporting to be a Windows XP service pack mailed from the Microsoft domain.

12 January 2004 - Mimail-P Promises Prize, Steals Information
The latest Mimail variant was detected Wednesday. Like other variants, it targets PayPal customers and tries to steal credit card and Social Security numbers.

9/10 January 2004 - Adobe Adds Anti-Counterfeiting Technology
At the request of government regulators and bankers, Adobe has added anti-counterfeiting technology to its Photoshop graphics software. The code came from the Central Bank Counterfeit Deterrence Group, which represents banks in many Western European countries, Japan, the UK, the US and Canada. Adobe admitted it had added the software only after a customer complained about the program's behavior when he tried to open an image of a $20 bill. People are displeased that a private company
is acting as an agent for governmental powers.

9 January 2004 - Australian Police Investigating Internet Banking Thefts
Australian Federal Police are investigating a scheme in which cyber thieves are using Trojan horse programs to steal people's banking details and transfer money out of their accounts. The people who were targeted had used computers with inadequate anti-virus protection.

6/9 January 2004 - Almost Half of KaZaA Files Contain Malware
Research from TruSecure, a company specializing in risk management, found that 45% of files downloaded from KaZaA contained malware. TruSecure senior analyst Bruce Hughes encourages companies to educate their employees about the security risks involved in peer-to-peer file
sharing. http://www.zdnet.co.uk/print/?TYPE=story&AT=39118915-39020330t-10000025c

6 January 2004 - Phony FBI e-Mail Contains Malware Attachment
Some people have been receiving e-mail messages purporting to be from the FBI and informing them that they will be indicted on charges of illegal downloading. The e-mail includes an attachment that claims to
be the evidence taken from their computers but which really contains malware. Closer examination of the e-mail message reveals grammatical and factual clues that it is not authentic.

4 January 2004 - RIAA Lawsuits Spur Downturn in Downloading
Research from the Pew Internet and American Life project found that the number of people who downloaded music from the Internet fell from 35 million in the spring of 2003 to 18 million in a four-week period in early winter 2003. The Recording Industry Association of America's (RIAA) approximately 400 lawsuits filed against people who had illegally downloaded music is a likely reason for the decline. In addition, use of peer-to-peer file sharing networks such as KaZaA and Grokster fell significantly over the past year. http://news.com.com/2102-1027_3-5134691.html?tag=st_util_print
(Webmaster note - although drastic in nature, the RIAA actions have done wonders for awareness of copyright law)

2 January 2004 - Social Discovery Sites' Security Lacking
Social discovery web sites are gaining popularity, but tend to place performance over privacy and security concerns. One's login page sends passwords in the clear; another uses unique session IDs, which are
easily defeated. Intruders on these sites prey on others' reputations.

Return to top
© 1999-2016 Security Awareness, Inc. All Rights Reserved  :  Privacy Statement
Contact Us     Site Map