ad info




CNN.com
 MAIN PAGE
 WORLD
 ASIANOW
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
 TECHNOLOGY
   computing
   personal technology
   space
 NATURE
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 HEALTH
 STYLE
 IN-DEPTH

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

  CNN WEB SITES:
CNN Websites
 TIME INC. SITES:
 MORE SERVICES:
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines
 pointcast
 pagenet

 DISCUSSION:
 message boards
 chat
 feedback

 SITE GUIDES:
 help
 contents
 search

 FASTER ACCESS:
 europe
 japan

 WEB SERVICES:
COMPUTING

From...
Computerworld

Computer systems vulnerable when staffing levels drop

June 4, 1999
Web posted at: 8:53 a.m. EDT (1253 GMT)

by Nancy Dillon

(IDG) -- It's a holiday weekend, and you're relaxing at home when suddenly your pager is telling you to check your network.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  Computerworld's home page
  Computerworld Year 2000 resource center
  Computerworld's online subscription center
 Reviews & in-depth info at IDG.net
  IDG.net's personal news page
  Year 2000 World
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for IT leaders
  Search IDG.net in 12 languages
 News Radio
 * Computerworld Minute
 * Fusion audio primers
   

You try to log in to the network from home, but it doesn't seem to work. You hurry into the office and find that your computers are rebooting for no apparent reason. Your firewall keeps shutting down. The problem doesn't appear to be hardware related. And network traffic is passing through your firewall.

Suddenly it becomes clear: You're getting hacked.

That was the scenario created by Stephen Northcutt during a Webcast briefing today titled "What the Hackers Know About You: Anatomy of a Christmas '98 Attack." The Webcast was sponsored by The SANS Institute, a cooperative research and education organization in Bethesda, Md.

Holidays are "a high-risk time since systems are unattended," Northcutt said. So administrators should shut down as many nonessential systems as possible during that time, he advised.

Northcutt also warned against the common assumption that hackers are less sophisticated than administrators at Fortune 1000 companies. A typical hack job, according to Northcutt, can involve both software development and unauthorized software installation on target systems. ``Plus, hackers have a technical support structure that's probably more comprehensive than the one available to your organization."

In the event of a hacking incident, administrators should remain calm, according to presentation material supplied by the SANS Institute. The next step is to notify management. Administrators should avoid using e-mail and other network-based communications channels. They should take good notes -- good enough to serve as evidence in a court of law.

It's also important to run a backup copy of the damage for evidence before restoring systems and getting the business up and running again.

Administrators can also try implementing file integrity assessment (FIA) systems to catch hackers before they "make a kill," he said. FIA tools detect changes in file systems and alert administrators when strange things start happening in the file systems, such as shrinking log files. Tripwire Security Systems Inc. in Portland, Ore., offers such tools.

To minimize vulnerability in the future, Northcutt said, companies should take heed of SANS Institute's list of the top seven management errors that lead to computer security vulnerabilities:

  • Pretend the problem will go away if you ignore it.

  • Authorize reactive, short-term fixes so problems re-emerge rapidly.

  • Fail to realize how much money information and organizational reputations are worth.

  • Rely primarily on a firewall.

  • Fail to deal with the operational aspects of security; instead, make a few fixes and then not allow the follow-through necessary to ensure the problems stay fixed.

  • Fail to understand the relationship of information security to the business.

  • Assign untrained people to maintain security and provide neither the training nor the time to make it possible to do the job.


MESSAGE BOARD:
How do you define a hacker?

SPECIAL:
Insurgency on the Internet

RELATED STORIES:
Feds warn hackers will be prosecuted; pro-Mitnick protest planned
June 2, 1999
Hackers target more federal computers
June 1, 1999
Study warns of a new cyberterrorism called 'netwar'
April 26, 1999
Hackers can turn network cameras, microphones on you
April 16, 1999

RELATED IDG.net STORIES:
Support staffers face holiday hangovers
(Computerworld)
IT staff still tied to the office
(InfoWorld)
Tips for maintaining a violence-free IT staff
(Computerworld)
Want to prevent break-ins? Just ask a hacker
(Computerworld)
Anatomy of a friendly hack
(NetworkWorld Fusion)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

RELATED SITES:
SANS Institute
Tripwire Security Systems, Inc.
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.