Home Archive RSS/XML Subscribe Shop

[ISN] Increased Internet Attacks Against U.S. Web Sites and Mail Servers Possible in Early May

From: Eric Wolbrom <eric_at_SHTECH.NET>
Date: Fri 27 Apr 2001 - 08:44:45 CDT
http://www.nipc.gov/warnings/advisories/2001/01-009.htm


ADVISORY 01-009

"Increased Internet Attacks Against U.S. Web Sites and Mail Servers
Possible in Early May"
Issued 04/26/2001

Citing recent events between the United States and the People's
Republic of China (PRC), malicious hackers have escalated web page
defacements over the Internet. This communication is to advise
network administrators of the potential for increased hacker activity
directed at U.S. systems during the period of April 30, 2001 to May
7, 2001. Chinese hackers have publicly discussed increasing their
activity during this period, which coincides with dates of historic
significance in the PRC: May 1 is May Day; May 4 is Youth Day; and,
May 7 is the anniversary of the accidental bombing of the Chinese
Embassy in Belgrade.

To date, hackers already have unlawfully defaced a number of U.S. web
sites, replacing existing content with pro-Chinese or anti-U.S.
rhetoric. In addition, the NIPC previously reported on an Internet
worm named "Lion" that is infecting computers and installing
distributed denial of service (DDOS) tools on various systems.
Analysis of the Lion worm's source code reveals that, when illegally
exploited, it sends password files from the victim site to an email
address located in China. For more information on the Lion DDOS tool,
refer to NIPC Advisory 01-005.

As a result of the activity already seen, together with public
statements threatening increased illegal activity, network and system
administrators are encouraged to more closely monitor their web sites
and mail servers during April 30, 2001 through May 7, 2001 for
attacks that could include web page defacements and denial-of-service
attacks.

Recipients of this advisory are encouraged to report computer
intrusions to their local FBI office
(http://www.fbi.gov/contact/fo/fo.htm) or the NIPC, and to other
appropriate authorities. Incidents may be reported online at
http://www.NIPC.gov/incident/cirr.htm. The NIPC Watch and Warning
Unit can be reached at (202) 323-3204/3205/3206 or NIPC.Watch@fbi.gov.
--
____________________________________________________________________
Eric Wolbrom, CISSP                     Safe Harbor Technologies
President & GCD                         106 Corporate Park Drive
Voice 914.644.6060 ext. 6000            White Plains, NY 10604
Fax   914.644.6050                              http://www.shtech.net

We are here to help you keep your communications yours!!!
_____________________________________________________________________

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Sat Apr 28 04:42 CDT 2001
Google
 
Web www.infosecnews.org
© Copyright 2007 InfoSec News
Home Archive RSS/XML Subscribe Shop Privacy