X-Mailer: ListManager Web Interface Date: Wed, 17 Jul 2002 23:50:01 -0500 Subject: SECURITY WIRE DIGEST, VOL. 4, NO. 54, JULY 18, 2002 To: MNPALMER@xxxxxxxxxxxxx From: Security_Wire_Digest@xxxxxxxxxxxx
*SYMANTEC ACQUIRES THREE SECURITY VENDORS By Lawrence M. Walsh In a major realignment of the infosecurity space, Symantec yesterday announced it acquired three prominent security companies in a $355 million spending spree that will expand its product and service offerings, and take the company a step closer to being the dominant security vendor.
Symantec's all-cash spending spree brings managed service provider Riptech, intrusion-detection vendor Recourse Technologies and the security intelligence and news portal firm SecurityFocus into its products portfolio.
Recourse, best known for its ManTrap honeypot and ManHunt intrusion tracking software, sold for $135 million. Riptech, a leader in manage security services and monitoring, sold for $145 million. And SecurityFocus, which offers the ARIS intelligence service and hosts the Bugtraq mailing lists, sold for $75 million.
"The acquisitions we announced today bring together next generation security technology, products and services that will help us to better serve the needs of our customers and continue to deliver strong top and bottom-line growth," says Symantec Chairman and CEO John W. Thompson.
In addition to the three companies acquired yesterday, Symantec recently bought Mountain Wave, a provider of the CyberWolf security analysis engine, in a $20 million deal. These are the first acquisitions for Symantec since it bought L3 Networks in February 2000.
"These are strategic purchases," says Sterling Auty, VP of IT security equity research at J.P. Morgan. "You're not going to see the valuations any better than in this economic climate."
Symantec piggybacked the acquisition announcements with its second quarter earnings report, which showed a solid 39 percent growth. Revenues were $316 million, compared to $228 million for the same period last year. Symantec stocks closed Wednesday at $33.10, up 33 cents.
*OPERATION DARK SCREEN LOOKS TO SHED LIGHT ON CYBERTERROR By Keith Regan Organizers of a simulated cyberattack planned for San Antonio, Texas hope the drill yields a blueprint for how cities should respond to terrorist attacks on critical IT infrastructure.
Operation Dark Screen will bring together representatives of utilities and other key private industries, the U.S. military as well as local, state and federal agencies.
Dr. Gregory White, technical director for the Center for Infrastructure Assurance and Security (CIAS) at the University of Texas, says the drill will unfold in three phases.
At a "table top" exercise planned for September, representatives of power plants, water departments, emergency departments and Air Force bases around San Antonio will walk through their responses to a cyberattack.
After that exercise is reviewed, a detailed report will be released. Finally, a "full-blown drill" is planned for next May. Planners and cybersecurity experts are working to determine what scenarios to act out during the drill.
"We want the attack to occur on as many areas as possible while still being plausible," says White. "We'll think, if someone wanted to disable this area, what would they do? And we'll start plopping events on the table."
U.S. Rep. Ciro D. Rodriguez (D-Texas) proposed Operation Dark Screen earlier this year after hearing about a biological warfare exercise called Operation Dark Winter.
Rodriguez says San Antonio's host of research and education institutions--and its proximity to the Mexican border and much of the U.S. oil industry--make it vulnerable to "all types of terrorist attacks."
What the test reveals should be applicable elsewhere, he adds. For instance: How will agencies communicate with one another if major telecom systems are disabled?
Organizers recognize the "extreme sensitivity" of the information to be shared, says White, and it's likely a sanitized report will be drafted for public consumption and another for the military and insiders.
But how much information is shared may determine how valuable the security industry finds the exercise, says David McCurdy, director of the Internet Security Alliance.
"Government needs to consider sharing more of what it knows," says McCurdy. "If something of value is shared, the industry will take notice."
*HOUSE APPROVES BILL PUSHING LIFE TERMS FOR CRACKERS A bill that puts some convicted crackers behind bars for life received a near-unanimous vote in the U.S. House of Representatives this week. Similar approval is expected in the U.S. Senate. The Cyber Security Enhancement Act (CSEA), builds on criminal provisions outlined in the USA Patriot Act, particularly elevating the penalty to life imprisonment for certain malicious hackers found guilty of computer intrusions that recklessly endanger lives. That would include attacks against critical infrastructure. Also considered in sentencing: whether government computers were involved, the attacker's level of sophistication and malicious intent. CSEA also allows broader surveillance powers of Internet-connected computers and mandates that ISPs disclose customers' electronic messages to police during criminal investigations. It also would extend a current ban on spyware in print media to online advertisements. http://thomas.loc.gov/cgi-bin/bdquery/D?d107:2:./temp/~bdwQTH:@@@L&summ2=m&;|/bss/d107query.html|