BUSH'S "SECURE CYBERSPACE" PLAN
The Bush administration's National Strategy to Secure Cyberspace will depend on major private sector contributions to develop one centralized network operations center to "assess Internet health" 24 hours a day, seven days a week, eWEEK reported Tuesday. A draft of the document obtained by eWEEK shows the administration wants to establish a separate office within the Department of Homeland Security to work with the flow of information within the federal government and with private sector sources. The new "infrastructure protection program office" also would be responsible for figuring out how to store information on critical infrastructure protection submitted by non-governmental sources. The document also establishes the right for the United States to use "cyber warfare" to respond to a "nation, terrorist group or other adversary" who attacks the United States through the Internet. The draft obtained by eWEEK is said to be very similar to the final document President Bush recently signed, which is due for release in several weeks.
TRAGEDY COMPOUNDED: NASA HACKED
Several servers at NASA's Jet Propulsion Laboratory were hacked Saturday and replaced by pages with political messages critical of U.S. policy in Iraq, IT World reports. The timing was unfortunate, with the loss of space shuttle Columbia Saturday marked one of the worst days in NASA history since the space shuttle Challenger tragedy. According to U.K. security company mi2g Ltd., which reported the break-in, self-titled Trippin Smurfs hackers attacked nine of the JPL's servers starting just after 2 p.m. PST Saturday. The attacks lasted more than an hour and a half, mi2g said, and targeted servers supporting the jpl.nasa.gov Web site. Among the commentary replacing the normal content: "I noticed that a war with Iraq is imminent... and i wonder why?!... When is this going to stop? Why does U.S. attack Iraq?" NASA spokesman Brian Dunbar told IT World the affected machines were taken offline for about five hours following the attack. Mi2g said it was unclear whether Trippin Smurfs were related to fundamentalist hacker groups such as the pro-Islamic Unix Security Guard, and whether the attack was prompted by the Columbia disaster, although the replaced pages did not mention the lost space shuttle. NASA is working with law enforcement officials to track down the perpetrators of the attack, IT World said.
CYBER ATTACKS DOWN FOR FIRST TIME
The number of Internet attacks has fallen for the first time, dropping 6 percent in the past six months, Net security company Symantec said Tuesday. More good news -- the damage caused by recent blended threats -- which combine the characteristics of viruses, worms, Trojan horses and malicious code with server and Internet vulnerabilities to initiate, transmit and spread attacks -- was considerably less than caused by old threats such as Code Red, according to Symantec's Internet Security Threat Report. The company reports 85 percent of all attacks reported in the second half of 2002 were classified as "pre-attack reconnaissance," with only 15 percent considered different forms of exploitation attempts. Moreover, the company found an almost 82 percent increase in new vulnerabilities in 2002 vs. 2001, although the relative ease with which hackers were able to exploit new vulnerabilities has remained unchanged over the past year. Power and energy companies show the highest rates of both attack activities and severe event incidents, Symantec said, but the financial services industry experienced an increase in overall threat volume. A copy of the report is available at symantec.com.
NET OPENS DOORS FOR THE DEAF
New services are making the Internet a better communication portal for the deaf and hearing impaired, according to a report by Wired.com. The traditional communications methods -- TTY or TDD -- used special keypads on which the deaf or hearing impaired person would type their message, which an operator would then relay to the person on the other end of the line. This method can be ineffective for translating the highly visual American Sign Language to English, Wired.com said. The new Video Relay System, recently released by AT&T, uses a webcam hooked up to a PC with a high-speed Internet connection. A deaf signs to an interpreter, who then speaks to the hearing person being called. According to Mitchell Levy, an AT&T Relay account messenger, the new system is much easier than traditional relay. Levy, who is deaf, spoke to Wired.com using the system. "(VRS is) more natural, it's faster and there's no lag time," he said. Judy Harkins, director of Gallaudet University's Technology Access Program, concurred. "VRS is very exciting. It is and will be extremely useful to people who can sign, as it is much faster and natural for people on both sides of the conversation -- more equivalent to voice conversation than text methods can be," she said. A similar system also is available from Communications Services for the Deaf, Wired. com reports.
NEW PROGRAM MONITORS CORPORATE INSTANT MESSAGE TRAFFIC
Companies now can log instant message traffic on their corporate networks from the major IM applications. IM traffic is expected to have 255 million users in the workplace by the end of 2006, up from 80 million today -- 70 percent of whom are unsanctioned. Web security provider Blue Coat Systems Inc. Monday announced a new system to secure and control IM traffic, which it says opens networks to Internet virus infection and can lead to the leaking of confidential information. The company's new system, Blue Coat IM Traffic Control, is expected to be available in the spring.
Got a tip for UPI's On the Net? Send an e-mail to sciencedesk.upi.com