Re: [iwar] [fc:Companies.unprepared.for.cyberattacks]

From: e.r. (fastflyer28@yahoo.com)
Date: 2002-05-10 11:25:23

Next message: Rob Rosenberger: "RE: [iwar] [fc:Warning.on.Cyberattack.'Exaggerated']"
Previous message: Wanja Eric Naef [IWS]: "[iwar] Securing Our Infrastructure: Private/Public Information Sharing"
In reply to: Fred Cohen: "[iwar] [fc:Companies.unprepared.for.cyberattacks]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Message-ID: <20020510182523.44606.qmail@web14504.mail.yahoo.com>
To: iwar@yahoogroups.com
In-Reply-To: <200205100324.g4A3Ogm13144@red.all.net>
From: "e.r." <fastflyer28@yahoo.com>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Fri, 10 May 2002 11:25:23 -0700 (PDT)
Subject: Re: [iwar] [fc:Companies.unprepared.for.cyberattacks]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

 I agree with one exception.  At present, no one dies in cyber attacks, but the PLA of China does give one pause.  While their standing military is huge, if they did not believe that training a batallion ,or two to become procificeint IWARiors, one of two conclusions can be made.  Either China has spent money on trainging troops and purchasing material to no end, or they had a plan on day 1 to train and use of Digitroops  They were in clear violation of a agreement with the US when we initially parked large computers system  in the high northwestern desert. They were specifically to be used to sesmically monitor Russian missile test and bases. When we had the chance to recheck these systems, it was clear they had been tampered with and utilized for China's own purposed from time to time. And, nuclear weapons modernazation was part of their intent.  At the time, they did not have indiginious capability to make such complex sytems  to aid them with  mathamatical modeling that goes into CBRN areas.  They may not directly kill in an IWAR sense, but at the time of this agreement-late 70's. they had no where near the cyber systems hardware development skills that were likely part lift from Russian designs, and information gathered from other nations computers systems.  Their aerospace program was nearly pre-historic until we agreed to train Chinese students in the US. Now, they have come an unusually long way to make icbm, nuke and others weapons that are being sold to our adversaries.  As this case proved, although the US needed access to this strategically sigificant area of the world, the price we have paid was dear.
  Fred Cohen <fc@all.net> wrote: Companies unprepared for cyberattacks 
SecuritySearch.net, 5/8/02
<a href="http://www.securitysearch.net/display_industry_news_article.cfm?id=485">http://www.securitysearch.net/display_industry_news_article.cfm?id=485>

Through 2005, 90 percent of cyberattacks will exploit known security
flaws for which a patch is available or a solution known, according to
GartnerG2, a research unit of Gartner, Inc. (NYSE: IT and ITB). 
Presenting their outlook for cyperattack prevention at last weeks
Gartner Symposium/ITxpo in San Diego, California, Gartner presented a
dim outlook for cyperattack prevention. 
GartnerG2 said that not only are patches available before the
cyberattacks, but 90 percent of the attacks are imitation ones.
Moreover, recent cyberattacks could have been avoided if enterprises
were more focused on their security efforts. 
"Nearly every major attack to hit the headlines involved the
exploitation of known security flaws for which a patch or defense was
widely known," said Richard Mogull, research director for GartnerG2.
"Estimated losses from Code Red and Nimda were in the billions of
dollars, yet Code Red exploited a flaw for which a patch was available,
proving that we never learn from our mistakes. Nimda exploited the same
flaw just a few months later. Both continue to survive on the Internet
today." 
GartnerG2 predicts that through 2005, 20 percent of enterprises will
experience a serious (beyond a virus) Internet security incident. Such
victims can expect the cleanup costs of the incident to exceed the
prevention costs by 50 percent. 
According to GartnerG2 the top five overall IT vulnerabilities to
cyberattacks are: 
-- Security of suppliers and partners; 
-- No benchmarking (spending and value); 
-- Security not integrated into projects; 
-- Poor governance and culture; and 
-- Lack of risk management integration 
To adequately protect against security incidients, GartnerG2 says
organisations must be more proactive - developing incident response
procedures and monitoring the right sources to detect an attack. 
"A proactive security posture... means you have a well-developed
response plan and keep looking for the early indications of an attack,"
explained Mogull. 
For more information on Gartner's business symposiums visit
www.gartner.com/symposium.

Yahoo! Groups SponsorADVERTISEMENT

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. 

---------------------------------
Do You Yahoo!?
Yahoo! Shopping - Mother's Day is May 12th!

[Non-text portions of this message have been removed]

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Tied to your PC? Cut Loose and
Stay connected with Yahoo! Mobile
http://us.click.yahoo.com/QBCcSD/o1CEAA/sXBHAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

Next message: Rob Rosenberger: "RE: [iwar] [fc:Warning.on.Cyberattack.'Exaggerated']"
Previous message: Wanja Eric Naef [IWS]: "[iwar] Securing Our Infrastructure: Private/Public Information Sharing"
In reply to: Fred Cohen: "[iwar] [fc:Companies.unprepared.for.cyberattacks]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT