[ISN] "Increased Cyber Awareness"

From: InfoSec News (isnat_private)
Date: Tue Sep 18 2001 - 01:02:57 PDT

  • Next message: InfoSec News: "[ISN] Comdisco Shines as Disaster Recovery Takes Center Stage"

    Forwarded by: C. L. Staten <sysopat_private>
    ADVISORY 01-020
    "Increased Cyber Awareness"
    September 14, 2001
    The National Infrastructure Protection Center (NIPC) expects to see an
    upswing in incidents as a result of the tragic events of September 11,
    2001. Increased hacking attacks are likely to have two motivations:
    * Political hacktivism by self-described "patriot" hackers targeted at
      those perceived to be responsible for the terrorist attacks. NIPC
      has already received reports of individuals encouraging vigilante
      hacking activity.
    * Virus propagation in which old viruses are renamed to appear related
      to recent events. One such incident has already been reported in
      which a new version of the life_stages.txt.shs virus was renamed
      wtc.txt.vbs to appear to be related to the World Trade Center. 
    The NIPC reiterates that the above conduct is illegal and punishable
    as a felony, with penalties extending to five years in prison. Those
    individuals who believe they are doing a service to this nation by
    engaging in acts of vigilantism should know that they are actually
    doing a disservice to the country.
    To limit the potential damage from any cyber attacks, system
    administrators are encouraged to follow best practices to ensure the
    security of their networks. Some of the most basic measures are
    outlined below:
    * Increase user awareness 
    * Update anti-virus software 
    * Stop hostile attachments at the e-mail server 
    * Utilize ingress & egress filtering 
    * Establish policy and procedures for responding and recovery 
    For a more comprehensive security checklist please refer to the
    following sites:
    * www.cert.org/security-improvement 
    * www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools/
    * www.sans.org/topten.htm 
    Recipients of this Advisory are encouraged to report computer
    intrusions to their local FBI office
    or the NIPC, and to other appropriate authorities. Incidents may be
    reported online at http://www.nipc.gov/incident/cirr.htm The NIPC
    Watch and Warning Unit can be reached at (202) 323-3204/3205/3206 or
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Sep 18 2001 - 04:05:55 PDT