[ISN] Network Guardians Face Thorny Job

From: InfoSec News (isnat_private)
Date: Mon Mar 17 2003 - 03:14:29 PST


    By Michael Grebb
    March 15, 2003

    WASHINGTON -- The task of protecting America's communications and
    information networks isn't getting any easier.

    And federal agencies and private companies face a steeper and steeper
    battle, according to data presented Friday at the Network Reliability
    and Interoperability Council meeting at the Federal Communications

    Indeed, while computer viruses used to take days to spread across the
    Internet, the Code Red virus propagated in 37 minutes in 2001, and the
    more recent Slammer worm spread in about eight minutes.

    "The propagation time for evil to hit everybody has gone from days to
    minutes," said Bill Hancock, chairman of the Network Reliability and
    Interoperability Council's cybersecurity focus group and vice
    president of security at Cable & Wireless. (The NRIC is made up of
    representatives from the telecommunications, cable, wireless,
    satellite and ISP industries.)

    Nonetheless, Hancock said Slammer would have died quickly if companies
    had installed available patches to disable vulnerable ports. Instead,
    it took about three days to neutralize.

    "We live in a no-trust environment, and we need to figure out how to
    deal with that," he said.

    Others insisted that companies take Internet security as seriously as
    physical security in the post-Sept. 11 world.

    "I think people are treating cyberspace with renewed vigor," Richard
    Notebaert, NRIC chairman who is CEO of Qwest, said in an interview
    after the meeting. "We take this very seriously."

    Notebaert conceded that small firms without many resources often face
    challenges or delays in updating patches and fixing other network
    problems. But he argued that problems aren't widespread.

    "Prevention is so much better now than it was," he said. "But
    sometimes a patch gets stuck in an in-basket."

    As companies' vigilance increases, however, so do the threats.

    Hancock said convergence of voice and data into packet networks and
    the practice of assigning TCP/IP addresses to wireless devices has
    turned just about everything into a "hackable target." He said
    engineers must work together to improve signaling protocol security
    and increase compatibility.

    A common problem is that network protocols and operating systems don't
    have the same security features, forcing tough choices for
    administrators responsible for keeping networks up and running.

    "In some cases, you may have to turn off (security) features to get
    the operating system to work," Hancock said.

    Physical security is also often overlooked.

    Experts said managers should be increasingly worried about "blended
    attacks" in which terrorists could simultaneously target physical and
    virtual infrastructure to compound damage or to disrupt the ability of
    first-responders to communicate and respond to an emergency.

    "Sept. 11 had a big impact on the communications infrastructure," said
    Karl Rauscher, director of network reliability at Lucent Technologies'
    Bell Labs unit and chairman of NRIC's physical security focus group.
    "But that was just collateral damage."

    In case of a direct attack on the nation's communications networks,
    Rauscher said companies should plan for every contingency, including
    storing extra fuel reserves for generators and backup equipment,
    mapping out alternative transportation and even checking for chemical
    residue that could damage equipment in the wake of a chemical attack.

    The 56 NRIC members will vote on more than 200 "best practices"
    recommendations by March 28, then start the tough process of getting
    members to adopt them across the country. With the telecommunications
    sector in a financial slump, persuading companies to spend money
    implementing the guidelines won't be easy.

    At least one motivating factor, however, is the constant threat of
    regulation from Congress: Some lawmakers would rather force specific
    requirements on communications companies than trust voluntary industry

    Notebaert repeatedly reminded NRIC members to stay involved -- lest
    Congress mandate it.

    "Voluntary is better than mandatory," he said.