Intelligence Update
By Gary Miller
Copyright©1999
FBI Alarmed Over Doctored Y2K Software
Tampered computer software being distributed as Y2K bug fixes has the FBI very worried!
The bogus Y2K fixes have begun to surface in some U.S. work undertaken by foreign contractors, and that has left the FBI and our people in Washington deeply concerned, as related by FBI spokesman, Michael Vatis, when interviewed by the Reuters news organization.
Vatis heads the inter-agency National Infrastructure Protection Center (NPIC), which is responsible for detecting and countering cyber-attacks on critical U.S. data communications networks involving telecommunications, transportation, finance, defense, and other vital operations.
One CIA official working with the NIPC warned that India and Israel appeared to be the "most likely sources of malicious remediation" of U.S. software because they fit the profile of those who might gain from such intervention. He further stated that their governments or industries would be likely to use their access to implant malicious code because they have the means and are open to the opportunity to do so.
The CIA officer, Terrill Maynard, said that due to our extensive use of foreign contractors in Ireland, Pakistan, the Philippines, and other countries to perform Y2K repair, there is an additional risk. Added to all that, there is the fact that thousands of U.S. businesses have contracted out Y2K system upgrades to foreign providers, who may or may not have our best interests at heart.
Our U.S. Senate Y2K Committee issued a late September report that confirmed the FBI's fears-- the committee described the situation as "unsettling." Members of the committee pointed out that the requirement to fix the code could introduce serious long-term risks to the nation's security and information superiority.
NSA Snoop Built Into Windows!!!
What had been written off as conspiracy paranoia by the greater part of the computer industry, has now been proven as fact!
A careless "mistake" by Microsoft programmers has revealed that special access codes for use by the U.S. National Security Agency (NSA) have been secretly built into [all] current versions of the Windows operating system.
Many security specialists, over the past several years, were aware that "unusual features" were hidden within a standard Windows driver that was designed to control security and encryption functions within the predominant operating system.
Called ADVAPI.DLL, the driver enables and controls a range of security functions, which include the Microsoft Cryptographic API (MS-CAPI). The bad thing about those APIs is that they run without user intervention or control.
A British cryptography specialist attending last year's Crypto 98 conference said that he had disassembled the driver and found it contained two different keys. One is used by Windows to control and enable cryptographic functions as prescribed by U.S. export regulations. But a great mystery surrounds the second key... Who owns it? Why was it built into Windows in the first place?
A security company in North Carolina has now come up with conclusive evidence that the second key belongs to the NSA!
A scientist at Cryptonym of Morrisville, North Carolina, while investigating the presence and significance of the two keys, found that the latest Service Pack release for Windows NT-4, (Service Pack 5) contained the "debugging symbols" used to test the software before being released. Hidden within the code were the labels for the two keys. One was called "KEY." The other was called "NSAKEY."
The Cryptonym scientist reported his re-discovery of the keys to the "Advances in Cryptology, Crypto'99" conference held in Santa Barbara, California earlier this year. According to those present at the conference, Microsoft Windows developers attending the conference did not deny the "NSA" key was built into their software-- but they refused to talk about [what] the key did, or [why] it had been put there without users' knowledge!
Some attendees at the conference said that Microsoft's chief programmers there appeared to be "stunned" when they learned that the version of the ADVAPI.DLL shipping with Windows 2000 contains not two, but [three] such keys. This discovery by the Cryptonym scientist was based on advanced search methods which test and report on the "entropy" of programming code.
The experts are divided on their opinion about whether the keys might be intended to let U.S. government users of Windows run classified cryptosystems on [their] machines or whether it is intended to open up [anyone's] and [everyone's] Windows-based PC to intelligence gathering schemes deployed by the NSA's massive corps of "information warriors."
According the Cryptonym spokesman, the result of having the secret key inside your Windows operating system is that it is dreadfully easier now for the NSA to load unauthorized security services on [all] copies of Microsoft Windows, and once these security services are loaded, they could compromise your entire operating system. The NSA key is contained inside all versions of Windows 95 OSR2 (and above) and Windows 98!
But there also remains the possibility that NSA's built-in loophole could be reversed and used against the snoopers. One industry source explained that the NSA key inside CAPI could be replaced by one's own key, and used to sign cryptographic security modules from foreign operatives or unauthorized third parties-- unapproved by either the NSA or Microsoft.
One leading U.S. cryptographer stated that the information technology (IT) world should be thankful that the sabotage of Windows by the NSA has been exposed before the arrival of processors that handle encrypted instruction sets. These would make the type of discoveries made last month impossible. "Had the next-generation CPUs with encrypted instruction sets already been deployed, we would have never found out about NSAKEY," he said.
Hacker Confessed To Attack On NATO & White House
A Sep. 8 Reuters press release disclosed that a 19-yr. old computer hacker plead guilty to attacks against the Web sites of NATO, Vice President Al Gore, and the United States Information Agency (USIA), as reported by federal prosecutors.
Eric Burns of Shoreline, Washington, also admitted in a Virginia federal court that he had advised others on how to attack the White House Web site, according to the prosecutors from the U.S. Attorney's Office. Although sentencing will not take place until November 19, Burns could be facing a maximum of $250,000 in fines and/or five years in jail.
Burns admitted to electronic break-ins that damaged computers in Washington, D.C., Virginia, Washington state and London. The government prosecutors estimated the total damages caused by Burns to be in the range of $40,000.
After designing his own program to seek out vulnerable Web sites, Burns found that the government and business pages hosted by Electric Press in Reston, Virginia and Laser.Net in Fairfax, Virginia were significantly vulnerable to hacker invasion. One Web site in London was also attacked by the young hacker, who usually replaced the Web pages with his own, and often made references to his code name "Zyklon" and his love for a woman named Crystal.
Army Says Mac O/S Is Safer Than Windows
After engaging in an all-out war with computer hackers, the U.S. Army has given Windows NT a dishonorable discharge and has enlisted Apple Macintosh servers running WEBSTAR Web server software.
The U.S. Army Public Affairs department and the ArmyLINK News further stated last month that "the Macintosh does not offer remote logins and is considered more secure."
White House May Soften On Crypto Laws
News sources on Sep. 15 stated that the Clinton White House was preparing to further relax encryption export laws. At that time, Vice President Al Gore was expected to make a statement regarding the controls on the export of so-called "mass market" encryption products whereby restrictions would possibly be lessened to the point where U.S. security vendors will be able to ship [strong] encryption technologies to foreign countries-- with obvious provisions to curb such sales to "rogue" nations-- such as Iraq and Iran.
A small first step toward easing the crypto export laws came about one year ago when federal officials granted permission for the export of products with encryption keys up to 56 bits in length. U.S. security vendors will surely welcome further softening of the export limitations, should it come to pass. The U.S. Security vendors have contended all along that current legislation has thwarted their ability to compete with foreign vendors who are not subject to similar restraints.
Privacy Advocates Alarmed Over Stealth Software
Privacy advocates are very troubled over the release of a stealth-based software that covertly monitors the user's key- board and application activity, then secretly e-mails a detailed report to the employees' boss.
The software, Investigator 2.0 from WinWhatWhere, was recently upgraded to a level where it runs silently and unseen by the end-user as it gathers exacting details on every keystroke every menu item selected, all chat rooms visited, all e-mail sent, and every e-commerce transaction completed.
WinWhatWhere officials and their supporters argue that the software is a boon to employers who suspect that sensitive information may be leaking out as their employees make copies of customer databases and sales leads, etc.
WinWhatWhere customers have included government agencies, airlines, correctional institutions, and other security- sensitive industries.
When the ACLU (American Civil Liberties Union) learned of the function and purpose of the software, one of their officials described the situation as "frightening."
The ACLU pointed out that electronic monitoring of the work- place calls for new privacy legislation because it is illegal for employers to listen in on an employee's telephone call to a spouse-- but that same conversation over e-mail could be read and posted on a bulletin board.
There currently is no legislation to address the issue, and there is none pending, according to a TechWeb news source.
Nuclear Reaction Disaster In Japan!
"There is a strong possibility that abnormal reactions are continuing within the facility"-- so stated Japan's Chief Cabinet Secretary Hiromu Nonaka at an emergency news conference on Sep. 30.
Nearly 12 hours after a Sep. 29 accident, Japanese officials widened the area of concern, warning residents within a six- mile radius to stay indoors, according to an MS-NBC news bulletin.
Japan's Ground Self-Defense Force's chemical warfare unit was ready to be deployed to the accident site, but officials were worried that it lacked relevant experience. This concern led to the decision to request the U.S. military for technical help, but the U.S. government advised at that time that our military units in Japan were not equipped to handle such an emergency.
Chief Cabinet Secretary Hiromu Nonaka stated that there might have been a "criticality" incident at the plant, located in Tokaimura, about 90 miles northeast of Tokyo.
CRITICALITY is defined as: the point at which a nuclear chain reaction becomes self-sustaining, similar to what occurs inside a nuclear reactor. (Critical Mass)
The MS-NBC account stated that a nuclear reaction apparently occurred when the workers added too much uranium to a nuclear fuel processing tank. Company officials at the plant said they thought that while radioactivity was released into the atmosphere, the radioactive material itself remained contained.
One Japanese official said radiation levels around the plant had jumped to 10,000 times higher than normal immediately after the accident. Ten miles away, the radiation levels were estimated to be about 10 times higher than normal.
Plant workers reported seeing a "blue flash," which experts say is a tell-tale sign of a criticality incident.
Immediate evacuation of residents within a 1,150 foot radius of the nuclear material plant was advised by officials at Tokaimura. Others were advised via radio broadcasts to stay in their homes.
Of three workers taken to a specialized hospital, two were in critical condition, and in a state of shock. All three had an unusually high white blood cell count.
A later news report on Oct 1, indicated that about 45 other workers were contaminated, but not hospitalized. This later report also outlined the attempt and apparently favorable results in getting the nuclear reaction under control.
Japanese engineers evidently stopped the chain reaction inside the uranium processing plant on Friday, lending to the prospect that Japan's worst-ever nuclear disaster was almost over.
Following the plan of the engineers, workers drained coolant water from the highly-radioactive nuclear fuel processing tank.
Since water magnifies a nuclear reaction when it comes in contact with uranium... when the water was drained away, the reaction appeared to subside. Hundreds of thousands of Tokaimura residents, however, were warned to remain inside their homes for the rest of the day as a precaution against exposure to the radiation, officials said.
Press releases out of Japan on Friday morning (U.S. time) said radiation levels had dropped to a quarter of what they measured before the water was drained, and soon reached what officials said were "near-normal levels."
Kazuo Sato, the chairman of the Nuclear Power Safety Committee, announced the end to the "reaction" at about 9:30 a.m. Friday Tokaimura time), but recue teams reported at least 55 people were suffering from radiation exposure in Tokaimura.
U.S. officials reported that the State Department and Department of Energy were working closely with the government of Japan on the response to the accident. U.S. Energy Secretary Bill Richardson, speaking during a telephone interview from Russia, affirmed that the United States and Russia were prepared to send a joint team of nuclear experts to Japan along with high-tech robots that can work in areas too dangerous for human beings. The only thing slowing down the support mechanism was that a formal request for the help from Japan had not been received, as noted by CNN online.
No one on either the Japanese or U.S. shores, however, could give an accurate projection of the long-term effects of the radiation upon the people of Tokaimura.
No comments:
Post a Comment