Cyber Warfare

By Author: Richard Lowe
Total Articles: 51
Comment this article

In these days of all-out combat in Afghanistan, terrorist attacks in New York and Anthrax in Washington, it's easy to lose one's perspective. I know I've become addicted to checking the major news web sites several times a day. I now listen to the news radio stations on the way to and from work instead of my normal rock and roll station. It seems like something might happen at any moment, and I want to know immediately. Something that seemed to be mentioned in every IT related publication for the last year or so is the possibility of cyber warfare. This is the concept of attacking a country through it's information systems (specifically the internet). Since the attacks I've seen the number of articles go from a few per week dozens per day. Warnings about security risks seem to be popping up all over the place. It is important that these warning be taken seriously - it's time to wake up folks and get your systems locked down. What could be attacked? Just about every company has an internet connection these days. Many of those companies do not have good security, as is proven by the recent Nimda and Code Red outbreaks, as ...
... well as numerous penetrations by hackers. If you are an IT manager you probably need to ask yourself some important questions to be prepared for the possibility of attack. In fact, it is your patriotic duty to be sure your systems are safe and secure. To do otherwise not only puts your company in danger, it actually threatens, even in a small way, the security of your country. Does your organization really need to be attached to the internet at all? - This is the first question to ask yourself. I know it seems like every workstation at every company must be attached to the internet, is it really necessary? Does it add to the company bottom line? For many companies, the answer is yes, for others no. Is the information that you provide to the internet community appropriate? - This question has come up on a large number of government and utility sites. Is it really necessary, for example, to include a map of a power plant? I know this might seem useful to, say, schools for educational purposes, but it may also be even more useful to terrorists and other evil-doers. Is your backup and archive strategy sound? - The most important single task that you perform is backups. Do them regularly and check the data occasionally. Are your password policies good enough? - The weakest link in most security schemes is the user and his or her passwords. If your management will allow it, make sure your users have long, complex passwords which they change regularly. Enforce best practices with their passwords. If your front line security adequate? - Have you got firewalls installed? Regardless of whether you've got a home computer or a hundred million dollar complex, you'd better install a firewall if you have not done so already. A hardware firewall is the best solution, but a software one will do for a home system if money is tight. Have you defined a DMZ? - If you manage a network for a company, you should reexamine your firewall strategy to ensure that you have a proper DMZ. What is a DMZ? To simplify it a bit, it's a way to protect your application servers even if your web servers are compromised. You have your core application systems behind a firewall. On the outside of that firewall you place your web servers. Then to protect them you put another firewall. Is your virus protection adequate? - If you haven't installed antivirus software by this time, shame on you. It does not matter whether you run a network of ten thousand computers or a cheap home system, you'd better have this basic application not only installed, but regularly updating. Is your system patched properly? - All vendors release software with bugs. It is the responsibility of all system managers to periodically review operating system and applications patches and releases and update them as needed. Remember, even the Apache web server is ridiculously insecure if not properly patched. Are you educated on security? - If you haven't already, look around and find some books, classes or information about security. Become educated as fast as you can. Once you understand security, then propose, plan and implement what you have learned. Do you perform background checks on IT related positions? - All new hires into IT should have thorough background checks before they are hired. You should also check the backgrounds of all of your IT consultants. It's best to know who you are hiring before you hire. Is your user community educated about security? - Perhaps one of the best tasks you can perform is to educate your users on good security practices. Emphasize the reasons why security is important and how it protects your users. I usually stress that security penetrations are a direct threat to their employment. Spend some time explaining and demonstrating how social engineering works - this is the number one way break-ins occur. Do you have a working disaster plan? - To be perfectly prepared, ensure that you have a working, tested, debugged disaster plan ready at all times. That way if for some reason your primary systems are rendered useless you can still have a running company. Is your security plan confidential? - The less information you have available to evil-doers the better. Keep any information about how your systems are secured confidential - treat it on a need-to-know basis. Remember this important fact. As of September 11th the United States and all of the free nations are in a war. And when your country is in a state of war you had better be prepared to be attacked. It's the only sane thing to do. Richard Lowe Jr. is the webmaster of Internet Tips And Secrets at http://www.internet-tips.net - Visit our website any time to read over 1,000 complete FREE articles about how to improve your internet profits, enjoyment and knowledge.