Internet Interests

Cyber Terrorism -
Getting Back on Your Feet

The two most common forms of Cyberterrorism either destroy computer data or cripple the web server. However, if you are prepared for these attacks, you will find it much easier to recover from them. Many attacks can be avoided by utilizing virus scanning software and enforcing safe data handling procedures. However, if a cyber attack is successful, you may be able to greatly reduce your recovery time and costs by following some common sense preparations.

In January of 2003, a modified version of the infamous Code Red Worm was re-released on the Internet and, although not as destructive as the first time around, it did manage to knock out thousands of ATM’s and to severely slow down Internet servers. Such damage clearly indicates that there are still too many people out there who are not taking precautions to protect themselves seriously. A coordinated attack by Cyberterrorists has been predicted by security experts and it is believed that this most recent attack may have been a practice run for just such an attack and that this recent virus release may have been for the purpose of detecting the weakest links in the Internet at this time.

One of the problems with this form of security attack is that you have some viruses that attack networked systems and others that attack stand alone systems like your home computer and, of course, there are those that will attack either type of system. Corporate IT managers can put enterprise-wide virus detection and removal software in place but it cannot prevent employees from bringing in viruses from home or from disabling the anti-virus software on their computers at work. Since it is virtually impossible to prevent all forms of cyber-attack, your next line of defense is to prepare yourself for recovery from these attacks.

To Prepare for Recovery, you need to go back to the basics.

  1. Make sure that you have completely halted the attack.
  2. Warn all employees about the attack and ask for their cooperation while you ‘recover and restore’.
  3. Make sure that you have installed any patches or necessary fixes to protect yourself from further attack.
  4. Make sure that you have frequent, reliable, and usable backup files. (Did you know that when you backup your files to CD-ROM, they are automatically flagged as being Read-Only files? When you restore them to your computer at a later date, you will have to remove this flag before you can modify or even use the files in some cases.)
  5. Lastly, have a restore procedures checklist ready so that you don’t forget any procedures or perform them out of sequence. (Did you know that in some cyber attacks you may lose Internet cookies from your online purchases and be unable to verify your purchase should you need to download the software from the vendor again?)

Having to rebuild or restore your computer system(s) is always costly but being ready for it when the situation presents itself, is priceless. Security professionals should make sure that their company’s emergency plans include a set of tested computer recovery and restore procedures. When creating this action plan for your company you should also include a review of your current data backup procedures.

Respectfully submitted by Steve Duell
SFBA Chapter Webmaster
2003 ARVP Chapter Internet Development
Send replies to webmaster@sfasis.org