How to fight Cyberterrorism

Information Technology is the lifeline of most organizations today, and as such a disrupted information system can cause your company to lose market share and eventually bring it to its knees. 94% of companies without a tested crisis plan go out of business after a severe loss of service for two weeks or more. We are so bound as a global community that a disaster in a single major city results in significant ripple effects around the world. Cyberterrorism, weather direct or indirect, is an issue all businesses should anticipate and arrange for backup plans. Depending on the size of the company, backups of the backup plan may need to be considered. Politically charged events frequently unleash a nest of virus', worms and Trojan horses on the Internet, and with increasing intensity. In one day, the current Nimda virus generated one hundred times the traffic that the code red virus took three days to do. A group setup by the federal government to counter Cyberterrorism released a report stating that "A personal computer and a simple telephone connection to an Internet service provider anywhere in the world are enough to cause a great deal of harm. The right command sent over a network to a power generating station's control computer could be just as effective as a backpack full of explosives, and the perpetrator would be harder to identify and apprehend." To protect your business in the event of a disaster you need to identify the mission critical information streams that need to be protected. This may include both print material and computer hardware and software. BACKUP YOUR DATA Minimizing the loss of valuable documents or data can be accomplished quite easily by performing regularly scheduled backups. It is absolutely essential that OFF-SITE copies of backups be kept. This will assure quick recovery from disasters. Backups may be done using a variety of medias, such as, floppy disks , zip disks, re-writeable cd's, and removable hard drives. The type of media you use will depend on the quantity of data being stored. Larger companies may also consider installing "mirror" servers, which allow the same real time information being kept in different locations. Consideration should also be given to outsourcing applications to ASPs (Application Service Providers) which have mirrored data centers. Any paper documents which are considered critical should also be backed up with the help of a scanner and stored off-site. Myriads of paper documents were strewn all over New York following the WTC disaster. Many of the organizations and companies affected have no idea of what they have lost or even how to recover missing files. Some of which have irreplaceable information and signatures. ANTI-VIRUS SOFTWARE A good anti-virus software is essential in your counter terrorism arsenal. It will offer continuous protection and automatically scans all file inputs, outputs, downloads, program executions, and other system-related activities to help prevent virus penetration. If a virus is discovered, you will have the option to clean or delete the infected file. FIREWALLS / DETECTION NETWORKS Firewalls screen all communications to a system, including e-mail messages, which may carry logic bombs. The term "firewall" is a relatively generic term for methods of filtering access to a network. They may come in the form of a computer, router or other communications device, or in the form of a network configuration. The services and access that are permitted to each user are defined by firewalls. One method is to screen user requests to check if they come from a previously defined domain or Internet Protocol (IP) address. Another method is to prohibit Telnet access into the system. Here are a few key things to remember in order to protect yourself from Cyberterrorism: i. All accounts should have passwords and the passwords should be unusual, difficult to guess, and alphanumeric where possible. ii. Change the network configuration when defects become known. iii. Check with venders for upgrades and patches. iv. Audit systems and check logs to help in detecting and tracing an intruder. v. If you are ever unsure about the safety of a site, or receive suspicious email from an unknown address, don't access it. It could be trouble. TRACING SOFTWARE There are software companies that create products designed to trace exactly where anyone connecting to your network is coming from. Giving you detailed information on the registered owner's name, address, etc. Greater possibility of detection always reduces the incidence of crime. PROTECTION SUITES Click here:http://www.irieisle-online.com/cyberterrorism for a suite of online services which combine a number of protection strategies. Today's commercial off-the-shelf software is riddled with holes. Microsoft products in particular, seem to be targeted. A recent Gartner Group report strongly suggests that changing from Microsoft's Internet Server would be a positive step. Software makers should design more secure products, which should be shipped to consumers pre-configured with high security settings. Such efforts will probably mean higher costs and slower progress in the short term but will pay off in the long term. There are no foolproof ways to protect a system, as completely secure system can never be accessed by anyone. Your organization's classified information can be kept on machines with no outside (internet/intranet) connection, as a form of prevention of Cyberterrorism. In the end, the onus of fighting Cyberterrorism is really on each company or organization. The cost to protect your data will be a small fraction of what will be lost if your information systems are attacked or accidentally damaged.