Difference between revisions of "Team 1 Sect1.4"

From CyberSecurity
 
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 
It is important to point out those actions that would make the IT systems more resistant to cyber-attacks. This is important to prevent future attacks, since one of the techniques used by the terrorists is so-called “incremental terrorism” where relatively local attacks (like the ones described in this exercise) on banks, small businesses, hospitals, local government offices, etc., are repeated often so that the public confidence is undermined and significant economical and psychological disruption results.
 
It is important to point out those actions that would make the IT systems more resistant to cyber-attacks. This is important to prevent future attacks, since one of the techniques used by the terrorists is so-called “incremental terrorism” where relatively local attacks (like the ones described in this exercise) on banks, small businesses, hospitals, local government offices, etc., are repeated often so that the public confidence is undermined and significant economical and psychological disruption results.
 
Using a similar analysis as that provided by the National Academies [1], a series of short-term actions appropriate for this relatively small-scale attack would be related to improving information and network security in public and private organizations, in particular:
 
Using a similar analysis as that provided by the National Academies [1], a series of short-term actions appropriate for this relatively small-scale attack would be related to improving information and network security in public and private organizations, in particular:
 +
 
•For users (home, small businesses): Have good updated information-security tools
 
•For users (home, small businesses): Have good updated information-security tools
 +
 
•For larger corporations: Have good information-security tools and have unannounced red-team attack simulations of the IT systems, promptly fix problems and vulnerabilities, mandate use of strong authentication mechanisms, defense-in-depth in addition to perimeter defense
 
•For larger corporations: Have good information-security tools and have unannounced red-team attack simulations of the IT systems, promptly fix problems and vulnerabilities, mandate use of strong authentication mechanisms, defense-in-depth in addition to perimeter defense
  
 
As for long-term recommendations: Increase overall robustness of the computer systems. This would be useful not only for relatively small-scale attacks like the one we are dealing with in this red-team exercise, but also for larger-scale attacks were cyber-attacks are combined with other physical operations. Invest in better:
 
As for long-term recommendations: Increase overall robustness of the computer systems. This would be useful not only for relatively small-scale attacks like the one we are dealing with in this red-team exercise, but also for larger-scale attacks were cyber-attacks are combined with other physical operations. Invest in better:
 +
 
•Authentication: Better ways of preventing unauthorized parties to access a computer and cause harm
 
•Authentication: Better ways of preventing unauthorized parties to access a computer and cause harm
 +
 
•Detection of intruders
 
•Detection of intruders
 +
 
•Containment, so that the attack is of limited scope
 
•Containment, so that the attack is of limited scope
 +
 
•Recovery, which involves backup and decontamination
 
•Recovery, which involves backup and decontamination
 +
 
•Install fixes to take care of buggy codes. Better administration needed.
 
•Install fixes to take care of buggy codes. Better administration needed.
  
[1]“Information technology for counterterrorism: Immediate actions and future possibilities” National Research Council of the National Academies, 2003, J. L. Hennessy, D. A. Patterson, H. S. Lin (Eds.)
+
[1] “Information technology for counterterrorism: Immediate actions and future possibilities” National Research Council of the National Academies, 2003, J. L. Hennessy, D. A. Patterson, H. S. Lin (Eds.)
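Review bot: the long-term paragraph reads "larger-scale attacks were cyber-attacks are combined with other physical operations" on both sides of this revision; "were" should be "where". The only differences visible here are added blank lines between the bullets and a space after "[1]" in the reference, so the wording was left untouched. While editing, "significant economical and psychological disruption" should become "economic", "preventing unauthorized parties to access" should become "from accessing", and "buggy codes" should become "buggy code". The last bullet ("Install fixes ...") is an action rather than an area to "invest in better", so it would read more clearly as its own sentence after the list.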

Latest revision as of 15:32, 23 October 2005

It is important to point out the actions that would make IT systems more resistant to cyber-attacks. This matters for preventing future attacks, since one of the techniques used by terrorists is so-called “incremental terrorism”, where relatively local attacks (like the ones described in this exercise) on banks, small businesses, hospitals, local government offices, etc., are repeated often, so that public confidence is undermined and significant economic and psychological disruption results.

Using an analysis similar to that provided by the National Academies [1], a series of short-term actions appropriate for this relatively small-scale attack would relate to improving information and network security in public and private organizations, in particular:

• For users (home, small businesses): Have good, updated information-security tools

• For larger corporations: Have good information-security tools; run unannounced red-team attack simulations of the IT systems; promptly fix problems and vulnerabilities; mandate the use of strong authentication mechanisms; and use defense-in-depth in addition to perimeter defense

As for long-term recommendations: Increase the overall robustness of computer systems. This would be useful not only for relatively small-scale attacks like the one we are dealing with in this red-team exercise, but also for larger-scale attacks where cyber-attacks are combined with other physical operations. Invest in better:

• Authentication: Better ways of preventing unauthorized parties from accessing a computer and causing harm

• Detection of intruders

• Containment, so that the attack is of limited scope

• Recovery, which involves backup and decontamination

• Install fixes to take care of buggy code. Better administration is needed.

[1] “Information technology for counterterrorism: Immediate actions and future possibilities” National Research Council of the National Academies, 2003, J. L. Hennessy, D. A. Patterson, H. S. Lin (Eds.)