Cyber Warfare
By Richard Lowe, Jr.
In these days of all-out combat in Afghanistan, terrorist attacks in New York and Anthrax in Washington,
it's easy to lose one's perspective. I know I've become addicted to checking the major news web sites
several times a day. I now listen to the news radio stations on the way to and from work instead of my
normal rock and roll station. It seems like something might happen at any moment, and I want to know
immediately.
Something that seemed to be mentioned in every IT related publication for the last year or so is the possibility of cyber warfare. This is the concept of attacking a country through it's information systems (specifically the internet).
Since the attacks, I've seen the number of articles go from a few per week to dozens per day. Warnings about security risks seem to be popping up all over the place. It is important that these warnings be taken seriously - it's time to wake up folks and get your systems locked down.
What could be attacked? Just about every company has an internet connection these days. Many of those companies do not have good security, as is proven by the recent Nimda and Code Red outbreaks, as well as numerous penetrations by hackers.
If you are an IT manager you probably need to ask yourself some important questions to be prepared for the possibility of attack. In fact, it is your patriotic duty to be sure your systems are safe and secure. To do otherwise not only puts your company in danger, it actually threatens, even in a small way, the security of your country.
Does your organization really need to be attached to the internet at all?
This is the first question to ask yourself. I know it seems like every workstation at every company must
be attached to the internet, but is it really necessary? Does it add to the company bottom line? For many
companies, the answer is yes, for others no.
Is the information that you provide to the internet community appropriate?
This question has come up on a large number of government and utility sites. Is it really necessary, for
example, to include a map of a power plant? I know this might seem useful to, say, schools for educational
purposes, but it may also be even more useful to terrorists and other evil-doers.
Is your backup and archive strategy sound?
The most important single task that you perform is backups. Do them regularly and check the data occasionally.
Are your password policies good enough?
The weakest link in most security schemes is the user and his or her passwords. If
your management will allow it, make sure your users have long, complex passwords which they change
regularly. Enforce best practices with their passwords.
Is your front line security adequate?
Have you got firewalls installed? Regardless of whether you've got a home computer or
a hundred million dollar complex, you'd better install a firewall if you have not done so already. A hardware
firewall is the best solution, but a software one will do for a home system if money is tight.
Have you defined a DMZ?
If you manage a network for a company, you should re-examine your firewall strategy to ensure
that you have a proper DMZ. What is a DMZ? To simplify it a bit, it's a way to protect your application
servers even if your web servers are compromised. You have your core application systems behind
a firewall. On the outside of that firewall you place your web servers. Then to protect them you put another
firewall.
Is your virus protection adequate?
If you haven't installed antivirus software by this time, shame on you. It does not
matter whether you run a network of ten thousand computers or a cheap home system, you'd better
have this basic application not only installed, but regularly updated.
Is your system patched properly?
All vendors release software with bugs. It is the responsibility of all system managers to periodically
review operating system and applications patches and releases and update them as needed.
Remember, even the Apache web server is ridiculously insecure if not properly patched.
Are you educated on security?
If you haven't already, look around and find some books, classes or information about
security. Become educated as fast as you can. Once you understand security, then propose, plan and
implement what you have learned.
Do you perform background checks on IT related positions?
All new hires into IT should have thorough background checks before they are hired. You should also
check the backgrounds of all of your IT consultants. It's best to know who you are hiring before you hire.
Is your user community educated about security?
Perhaps one of the best tasks you can perform is to educate your users on good security practices.
Emphasize the reasons why security is important and how it protects your users. I usually stress
that security penetrations are a direct threat to their employment. Spend some time explaining and
demonstrating how social engineering works - this is the number one way break-ins occur.
Do you have a working disaster plan?
To be perfectly prepared, ensure that you have a working, tested, debugged disaster plan ready at
all times. That way if for some reason your primary systems are rendered useless you can still have a
running company.
Is your security plan confidential?
The less information you have available to evil-doers the better. Keep any information
about how your systems are secured confidential - treat it on a need-to-know basis.
Remember this important fact. As of September 11th, the United States and all of the free nations are in a war. And when your country is in a state of war you had better be prepared to be attacked. It's the only sane thing to do.
About The Author
Richard Lowe Jr. is the webmaster of Internet Tips And Secrets.
Visit his website any time to read over 1,000 complete FREE articles about how to improve your
internet profits, enjoyment and knowledge.