[iwar] [fc:Experts:.Insiders.Biggest.Cyberterror.Threat]

From: Fred Cohen (fc@all.net)
Date: 2001-11-15 08:21:20


Experts: Insiders Biggest Cyberterror Threat

By Rutrell Yasin, InternetWeek, 11/15/2001
http://dailynews.yahoo.com/h/cmp/20011114/tc/inw20011113s0007_1.html

Although the terrorist attacks of Sept. 11 have compelled businesses to
better protect their physical assets, a greater effort is still needed
to shore up electronic defenses beyond the entry points into corporate
networks, according to security managers and experts. 

Experts fear that cyberterrorists could soon attempt to compromise the
systems run by electric utilities, banks, health-care providers and
other operators of critical national infrastructure. They believe such
attacks would be difficult to pull off, unless the attackers received
help from insiders.

The hijack attacks "jolted many companies and made senior management
more committed to shoring up network defenses," said Mike Hager, vice
president of network security and disaster recovery at Oppenheimer
Funds. The financial services firm saw attempts to break into its
network from IP addresses in southeast Asia a week before the airline
attacks.

More emphasis should be placed on tools and procedures that control user
access rights and privileges to networked resources, Hager said. An
insider may know the weak points in the network as well as where
critical assets are located.

To protect against insider attacks, companies need to harden their
servers by making sure not to open up holes amid configuration changes.
For example, when new users are added, administrators must make sure
they don't mistakenly give users root privileges on the server, and when
new applications are added, they must give users only the needed level
of access, said Steve Kanclerowicz, an analyst at Veridian, which
provides security services for government agencies.

Administrators also shouldn't run more than one critical network
service, such as a Domain Name Server or firewall, on a single server.
This way, they can avoid a single point of failure.

Additionally, they should install intrusion detection software on
servers as well as detection systems on the network so administrators
can be alerted to all suspicious activity.

"We've never taken anything nonchalantly," said Ramon Rodriguez,
director of network services at Utilicorp United, an international
energy company. "If anything, the attacks heightened our concern."

While declining to talk specifically about security measures he is
employing, Rodriguez said Utilicorp has a corporate security policy that
addresses all aspects of security, physical as well as electronic.

With a host of hacking and distributed denial-of-service (DoS) tools
available on the Internet, some experts caution that cyberterrorists
could unleash a range of attacks to cripple computers and networks that
support critical infrastructures.

The FBI's National Infrastructure Protection Center
earlier this month issued an advisory warning companies responsible for
infrastructure support systems to be extra vigilant. The caution comes
in light of an increase in "hacktivism" activity since September aimed
at U.S. organizations. Most have been relatively harmless defacements of
Web sites, but NIPC reports that the potential "for future DoS attacks
is high."

An example of a protest turning into a serious cyberthreat came in Sept.
1998 when an activist group, using a JavaScript tool called FloodNet,
organized a virtual sit-in that in effect launched DoS attacks on the
Pentagon, the Frankfurt Stock Exchange and the
Mexican president's Web site. The Pentagon and Frankfurt attacks caused
no damage, while the Mexican president's site was brought down.

Still, cyberattackers would have to be well funded and have the
resources to launch a coordinated attack from multiple locations to be
successful, Kanclerowicz said.

"It will take a lot more resources to take down a power grid or a bank
than a few guys working on laptops," he said.

------------------
http://all.net/ 
