http://www.gcn.com/vol1_no1/daily-updates/18327-1.html By Patricia Daukantas GCN Staff 04/03/02 A computer scientist from the National Infrastructure Protection Center yesterday urged agency officials to return to the basics of security and guard against cyberattacks by IT insiders. Robert M. Wright, on loan to NIPC's Special Technology Application Unit from the Army, said today's insiders are the people who are allowed onto an agency's network. Such insiders bring in tools ranging from hard drives the size of key chains to anonymous remailers, steganography - hiding messages within digital images - peer-to-peer applications, and infrared and radio wireless devices. Speaking at the National High-Performance Computing and Communications Council's annual conference in Newport, R.I., Wright emphasized the need to investigate the so-called key holders - subcontractors and service providers who haven't undergone the same level of background checking as prime contractors. Finally, agencies should provide continual training in and enforcement of security policies and procedures, even if they seem obvious. Wright likened this to the hundreds of hours that football players spend doing basic drills at training camp. "The idea is repetition, and the pro football players know it," Wright said. "That's how you get good at it." "If most people would take and employ the technology we have today, most of the intrusions wouldn't take place," Wright said. Criminals generally will give up on a well-protected system and find an easier system to hack. The conference continues through Thursday. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Apr 04 2002 - 02:12:48 PST