What to do Before
Computer Crime Strikes
Waving American Flag


Visitors Since
October 15, 2001.

Home

Bulletins

Upcoming
Events

Posters

Recent Newsletters

Past Articles
Computer Security
Foreign Espionage
Industrial Espionage
Personal Security
Personnel Security
Physical Security
Security Management

VSAC Desktop
Guide

Security Books
On-Line

Other Security Links

About Us
ASIS
NCMS
VSAC

E-Mail Us
ASIS
NCMS
VSAC
Webmaster

We join with those who mourn the loss of life,  the injuries, and the disruption of lives caused  by the attacks  against Washington,  DC, and  New York, N.Y.    All those effected -- the brave people who helped in rescue efforts, those involved in America's response to terror and in the war with Iraq-- are in our thoughts and prayers.

by Bill Uttenweiler
Aerospace Corporation
Vandenberg AFB, CA

One in five companies suffered network break-ins during the last year!

That is the startling conclusion of the Third Annual InformationWeek/Ernst & Young Security Survey.  Nearly 70% said that security risks have worsened in the last five years; nearly 80% have hired a full-time information-security director.

If 20% of the nation’s companies with networks are successfully attacked every year, you would expect Vandenberg AFB firms would be among the victims.  You would be right, too.  A hacker used the Intnet to break into a contractor-owned 486 PC in March 1995 and left the message “You really shouldn’t leave your computer open to the whole planet!!!!” on it.

The FBI’s National Computer Crime Squad (NCCS) investigates a wide array of computer crime, including:  major computer network intrusions, network integrity violations, privacy violations, industrial espionage, pirated computer software, and other crimes where the computer is a major factor in committing the criminal offense

What steps can we take beforehand to protect ourselves?  Here are some tips from the NCCS:

  • Place a login banner to ensure that unauthorized users are warned that they may be subject to monitoring.
  • Turn audit trails on.
  • Consider keystroke level monitoring if adequate banner is displayed.
  • Request trap and tracing from your local telephone company.
  • Consider installing caller identification.
  • Make backups of damaged or altered files.
  • Maintain old backups to show the status of the original.
  • Designate one person to secure potential evidence.
  • Evidence can consist of tape backups and printouts. These should be initialed by the person obtaining the evidence. Evidence should be retained in a locked cabinet with access limited to one person.
  • Keep a record of resources used to reestablish the system and locate the perpetrator.
  • Notices to alert users to potential security problems and information on related subjects are available from the Computer Emergency Response Team (CERT) at cert@cert.org or the Forum of Incident Response and Security Teams (FIRST) at first-sec@first.org, or call (202) 324-9164.
Employees who suspect any type of computer crime should contact their company’s computer or industrial security office immediately.

[Webmaster's note:  This article was originally written in November 1995 for the VSAC News and the NCMS Channel Islands Newsletter.]

For information on our group or to make comments about this page,
please email sate@impulse.net.

All Rights Reserved.  Copyright © 2000 by Bill Uttenweiler.
Last Updated:  March 23, 2000.