Return-Path: <sentto-279987-3886-1005841234-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Thu, 15 Nov 2001 08:22:07 -0800 (PST) Received: (qmail 2511 invoked by uid 510); 15 Nov 2001 16:19:24 -0000 Received: from n31.groups.yahoo.com (216.115.96.81) by all.net with SMTP; 15 Nov 2001 16:19:24 -0000 X-eGroups-Return: sentto-279987-3886-1005841234-fc=all.net@returns.groups.yahoo.com Received: from [10.1.4.53] by n31.groups.yahoo.com with NNFMP; 15 Nov 2001 16:20:36 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-8_0_0_1); 15 Nov 2001 16:20:34 -0000 Received: (qmail 70732 invoked from network); 15 Nov 2001 16:20:34 -0000 Received: from unknown (216.115.97.171) by m9.grp.snv.yahoo.com with QMQP; 15 Nov 2001 16:20:34 -0000 Received: from unknown (HELO red.all.net) (65.0.156.78) by mta3.grp.snv.yahoo.com with SMTP; 15 Nov 2001 16:20:34 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id fAFGLK126095 for iwar@onelist.com; Thu, 15 Nov 2001 08:21:20 -0800 Message-Id: <200111151621.fAFGLK126095@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Thu, 15 Nov 2001 08:21:20 -0800 (PST) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Experts:.Insiders.Biggest.Cyberterror.Threat] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Experts: Insiders Biggest Cyberterror Threat By Rutrell Yasin, InternetWeek, 11/15/2001 <a href="http://dailynews.yahoo.com/h/cmp/20011114/tc/inw20011113s0007_1.html">http://dailynews.yahoo.com/h/cmp/20011114/tc/inw20011113s0007_1.html> Although the terrorist attacks of Sept. 11 have compelled businesses to better protect their physical assets, a greater effort is still needed to shore up electronic defenses beyond the entry points into corporate networks, according to security managers and experts. Although the terrorist attacks of Sept. 11 have compelled businesses to better protect their physical assets, a greater effort is still needed to shore up electronic defenses beyond the entry points into corporate networks, according to security managers and experts. DON'T MISS: Continuing Coverage of the Internet's Performance After The Sept. 11 Tragedy Experts fear that cyberterrorists could soon attempt to compromise the systems run by electric utilities, banks, health-care providers and other operators of critical national infrastructure. They believe such attacks would be difficult to pull off, unless the attackers received help from insiders. The hijack attacks "jolted many companies and made senior management more committed to shoring up network defenses," said Mike Hager, vice president of network security and disaster recovery at Oppenheimer Funds. The financial services firm saw attempts to break into its network from IP addresses in southeast Asia a week before the airline attacks. More emphasis should be placed on tools and procedures that control user access rights and privileges to networked resources, Hager said. An insider may know the weak points in the network as well as where critical assets are located. To protect against insider attacks, companies need to harden their servers by making sure not to open up holes amid configuration changes. For example, when new users are added, administrators must make sure they don't mistakenly give users root privileges on the server, and when new applications are added, they must give users only the needed level of access, said Steve Kanclerowicz, an analyst at Veridian, which provides security services for government agencies. Administrators also shouldn't run more than one critical network service, such as a Domain Name Server or firewall, on a single server. This way, they can avoid a single point of failure. Additionally, they should install intrusion detection software on servers as well as detection systems on the network so administrators can be alerted to all suspicious activity. "We've never taken anything nonchalantly," said Ramon Rodriguez, director of network services at Utilicorp United, an international energy company. "If anything, the attacks heightened our concern." While declining to talk specifically about security measures he is employing, Rodriguez said Utilicorp has a corporate security policy that addresses all aspects of security, physical as well as electronic. With a host of hacking and distributed denial-of-service (DoS) tools available on the Internet, some experts caution that cyberterrorists could unleash a range of attacks to cripple computers and networks that support critical infrastructures. The FBI (news - web sites)'s National Infrastructure Protection Center earlier this month issued an advisory warning companies responsible for infrastructure support systems to be extra vigilant. The caution comes in light of an increase in "hacktivism" activity since September aimed at U.S. organizations. Most have been relatively harmless defacements of Web sites, but NIPC reports that the potential "for future DoS attacks is high." An example of a protest turning into a serious cyberthreat came in Sept. 1998 when an activist group, using a JavaScript tool called FloodNet, organized a virtual sit-in that in effect launched DoS attacks on the Pentagon (news - web sites), the Frankfurt Stock Exchange and the Mexican president's Web site. The Pentagon and Frankfurt attacks caused no damage, while the Mexican president's site was brought down. Still, cyberattackers would have to be well funded and have the resources to launch a coordinated attack from multiple locations to be successful, Kanclerowicz said. "It will take a lot more resources to take down a power grid or a bank than a few guys working on laptops," he said. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Universal Inkjet Refill Kit $29.95 Refill any ink cartridge for less! Includes black and color ink. http://us.click.yahoo.com/XwUZwC/MkNDAA/ySSFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-12-31 20:59:59 PST