Message-Id: <200110230501.f9N51wE14695@red.all.net>
From: Fred Cohen <fc@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Date: Mon, 22 Oct 2001 22:01:58 -0700 (PDT)
Subject: [iwar] [fc:Power.Station.Incident.Should.Generate.Further.Security.Awarenes]

[FC - an example of really poor/irresponsible reporting...]
Power Station Incident Should Generate Further Security Awareness
By Richard Hunter, William Malik, 10/22/2001
No URL available.

Breaches such as the one that recently hit the California Independent System Operator (ISO) are common and often result from a lack of security awareness on the part of a well-intentioned IT security staff. Enterprises managing sensitive information or crucial services must take extraordinary security measures.

Event

During a recent attack on the California ISO distribution center, a hacker gained control of two Web servers connected directly to the Internet without an active firewall - a situation that could have left the door open for penetration of more-critical systems.

[FC - how could a test system outside the firewall leave a door open to attack the power grid?]

First Take

Human error lies at the root of most unauthorized access incidents, and the complexity of computer systems makes it more likely that human errors will continue to occur. Once they happen, a hacker will likely sooner or later - probably sooner - discover and exploit an error if it persists. Fortunately, in the case of the attack on the power center, the hacker's lack of experience probably limited the depth of the breach.

[FC - human error - as in design errors by Microsoft? What a generic statement]

Very few business functions occur in our society without the control or assistance of a computer. Any computer not secured on a network could be breached - and any unauthorized intruder might be dangerous. If the computer manages sensitive information critical to people's lives or business, the intrusion threatens them as well. Enterprises responsible for sensitive services - or that could cause widespread harm if the information is misused, unavailable or distorted - must take extraordinary measures to ensure that those services are not visible on the Internet. Enterprises should put all systems behind a secure firewall.
A number of available tools can ensure that breaches do not regularly occur. Enterprises must also scan regularly for intrusions and malicious code and have a policy that requires regular verification of the status of their systems, especially for something as important as a power grid or other critical systems. At this point in the evolution of IT security practices, allowing such important systems to remain wide-open verges on irresponsibility. Enterprises that do not have a security policy should develop one. Those that do have a policy should verify that employees understand and comply with it.

[FC - again with the free advice from someone who doesn't know what he is talking about...]

Enterprises should not treat security as an afterthought. It must become part of the training and procedures implemented with any system from the first. Gartner expects that negligence suits and regulatory penalties aimed at sloppy security administrators and their companies will come about in the United States as early as 2003.

[FC - How ridiculous. The power industry has always had far more stringent security than most industries - the notion that the ISO security was an afterthought is ridiculous. The afterthought was from the government regulators who required these systems to be connected to the Internet to facilitate free trade. As the vulnerabilities in the telephone system are largely due to government regulations.]

Analytical Sources: Richard Hunter and William Malik, Information Security Strategies

The content herein is often based on late-breaking events whose sources are believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of the information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The conclusions, projections and recommendations represent Gartner's initial analysis.
As a result, our positions are subject to refinements or major changes as Gartner analysts gather more information and perform further analysis.

Entire contents © 2001 Gartner, Inc. All rights reserved. Reproduction of this publication in any form without prior written permission is forbidden.

GartnerGroup Corporate Headquarters, 56 Top Gallant Road, Stamford, Connecticut 06904 USA +1-203-316-1111

The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.

------------------
http://all.net/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:56 PST