As a portion of a growing concern regarding terrorism within the United States, the following has been excerpted from a larger communication warning governmental units about the potential of cyber-terrorism.
“Attacks on critical infrastructure may take the form of cyberterrorism to disrupt information and communications technology systems rather than physical destruction caused by chemical, biological, nuclear, incendiary or explosive weapons of mass destruction. Many local jurisdictions and private sector organizations developed emergency response and business continuity plans nearly two years ago in preparation for possible disruptions during the Y2K rollover. Those plans remain valuable. They should be ‘dusted off,’ reviewed and updated.”
In addition to the suggested Y2K remediation plan “dust-off”, I would suggest the following steps be performed:
Assure that all critical information is actually being backed up and is restorable. In addition to the data, be sure the applications are being backed up or are stored off site so they could be reinstalled,
If you are internet connected (i.e. not dial), it is now absolutely critical that you have a firewall in place. Be sure that your firewall is not installed with all of it’s options “turned off”. Many older models came out of the box configured in this manner – and you have no protection but think you do.
Be sure your patches for both your firewall and your network operating systems are current and up-to-date. Unix and Microsoft products are the most vulnerable. Often Microsoft products are specifically targeted due to their wide distribution.
If you don’t have a technology disaster recovery plan in place – now is the time to create one. If you do have one – test the plan to the best of your ability.
Implement off-site backup tape archival at a significant distance from your facility. Next door isn’t good enough anymore.
You may think this doesn’t pertain to you – but it does. We all need to be as prepared as we can be. This has been brought home to us recently both in terms of the Sept. 11 event, but also the recent series of very invasive and destructive viruses of unknown origin.