FW: NIPC Advisory 01-020 "Increased Cyber Awareness"

From: George Heuston (georgeh@private)
Date: Fri Sep 14 2001 - 08:59:31 PDT

Next message: George Heuston: "FW: NIPC Daily Report for 14 September"

Previous message: George Heuston: "FW: NIPC Daily Report 13 September"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----Original Message-----
From: NIPC Watch [mailto:nipc.watch@private] 
Sent: Friday, September 14, 2001 7:46 AM
To: daily@private; secure-infragard@private;
fedcirc@private; CERT/CC
Subject: NIPC Advisory 01-020 "Increased Cyber Awareness"

               National Infrastructure Protection Center
                      "Increased Cyber Awareness"
                            Advisory 01-020
                            14 September 2001

The National Infrastructure Protection Center (NIPC) expects to see an
upswing in incidents as a result of the tragic events of September 11,
2001.  Increased hacking attacks are likely to have two motivations:

 * Political hacktivism by self-described "patriot" hackers targeted at
those perceived to be responsible for the terrorist attacks.  NIPC has
already received reports of individuals encouraging vigilante hacking
activity.

* Virus propagation in which old viruses are renamed to appear related
to recent events.  One such incident has already been reported in which
a new version of the life_stages.txt.shs virus was renamed wtc.txt.vbs
to appear to be related to the World Trade Center.

The NIPC reiterates that the above conduct is illegal and punishable as
a felony, with penalties extending to five years in prison.  Those
individuals who believe they are doing a service to this nation by
engaging in acts of vigilantism should know that they are actually doing
a disservice to the country.

To limit the potential damage from any cyber attacks, system
administrators are encouraged to follow best practices to ensure the
security of their networks.  Some of the most basic measures are
outlined below:

* Increase user awareness
* Update anti-virus software
* Stop hostile attachments at the e-mail server
* Utilize ingress & egress filtering
* Establish policy and procedures for responding and recovery

For a more comprehensive security checklist please refer to the
following sites:
* www.cert.org/security-improvement
 *
www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/secu
rity/tools/tools.asp

* www.sans.org/topten.htm

Recipients of this Advisory are encouraged to report computer intrusions
to their local FBI office (http:''www.fbi.gov/contact/fo/fo.htma) or the
NIPC, and to other appropriate authorities.  Incidents may be reported
online at http://www.nipc.gov/incident/cirr.htm  The NIPC Watch and
Warning Unit can be reached at (202) 323-3204/3205/3206 or
nipc.watch@private

Next message: George Heuston: "FW: NIPC Daily Report for 14 September"
Previous message: George Heuston: "FW: NIPC Daily Report 13 September"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:24:51 PDT