Return-Path: <sentto-279987-2380-1001530903-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Wed, 26 Sep 2001 12:05:29 -0700 (PDT) Received: (qmail 30135 invoked by uid 510); 26 Sep 2001 19:02:50 -0000 Received: from n35.groups.yahoo.com (216.115.96.85) by 204.181.12.215 with SMTP; 26 Sep 2001 19:02:50 -0000 X-eGroups-Return: sentto-279987-2380-1001530903-fc=all.net@returns.onelist.com Received: from [10.1.1.223] by mu.egroups.com with NNFMP; 26 Sep 2001 19:02:31 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 26 Sep 2001 19:01:37 -0000 Received: (qmail 5174 invoked from network); 26 Sep 2001 19:01:36 -0000 Received: from unknown (10.1.10.27) by 10.1.1.223 with QMQP; 26 Sep 2001 19:01:36 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 26 Sep 2001 19:02:18 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id MAA24007 for iwar@onelist.com; Wed, 26 Sep 2001 12:02:11 -0700 Message-Id: <200109261902.MAA24007@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 26 Sep 2001 12:02:11 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:War.against.terrorism.raises.IT.security.stakes:] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit War against terrorism raises IT security stakes: Concerns heightened that cyberattacks and physical attacks will be combined By Patrick Thibodeau, ComputerWorld, 9/26/2001 <a href="http://www.computerworld.com/storyba/0,4125,NAV47_STO64147,00.html?OpenDocument&~f">http://www.computerworld.com/storyba/0,4125,NAV47_STO64147,00.html?OpenDocument&~f> A war against terrorism raises the specter of increased security risks for information managers-risks ranging from nuisance Web site defacements to the possibility that systems could be targeted in conjunction with a physical attack as part of an effort to maximize disruptions. Such threats existed before the Sept. 11 terrorist attacks against the U.S. But the possibility of a significant attack -specifically, a combined cyber and physical assault - is being taken much more seriously since those events. What security experts and managers are less certain of is the degree of risk. Most said they believe the war against terrorism will raise the danger level, but some security managers said they were already under siege. "I think we already had a very significant threat prior to Sept. 11," said Steve Akridge, chief security officer for the Georgia Technology Authority, which manages the state's IT. "On a scale of 1 to 10, we felt that the threat was an 8. Maybe now it's a 9," said Akridge. The biggest change wrought by the terrorist attacks may be improved awareness of the importance of information security - especially contingency planning. "Even though it wasn't a computer-related attack, the mind-set now is that we are no longer immune from this type of incident," said Larry Seibel, information security director at the Huntington National Bank in Columbus, Ohio. "The incident, without a doubt, has served to raise the level of importance of contingency planning for business and systems recovery." The major concern is, of course, physical attacks. But a U.S. congressional commission examining weapons of mass destruction used by terrorists concluded that cyberattacks in concert with physical attacks are a major concern. "There has been substantial concern [about] the potential consequences of cyberattacks," said Virginia Gov. James Gilmore, the Republican chairman of the congressional commission. "Communications, if disrupted, could have significant impact on the [physical] attack itself, and we have been very focused on that and very concerned about that particular issue." Although the number of nuisance attacks may rise, of more concern are attacks of greater intensity. "I am less concerned with an increase in frequency than I am concerned with an increase in ferocity," said G. Mark Hardy, a security expert at Ernst & Young International in New York. Tim Atkin, a member of the private-sector group Partnership for Critical Infrastructure Security and director of critical infrastructure protection at consulting firm SRA International Inc. in Fairfax, Va., said a cyberattack is "a completely viable option" for a terrorist group to inflict great damage on the U.S. "Right now, the view is [that] nothing should be considered sacred," said Atkin. "You never know where an organization like [Osama bin Laden's al-Qaeda] is going to hit." Reporter Dan Verton contributed to this article. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Pinpoint the right security solution for your company- Learn how to add 128- bit encryption and to authenticate your web site with VeriSign's FREE guide! http://us.click.yahoo.com/JNm9_D/33_CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:50 PDT