apply measures to limit the botnets that could infect your systems. Performing system integrity checks, using personal firewalls and encryption software, and running antivirus, antispyware, and antimalware tools on your computers will prevent botnets from infecting a system. Making such repairs and improvements, and hardening systems, are the best steps toward minimizing botnet infections and limiting the damage caused by a botnet attack.

If you discover a botnet on a computer, and determine through reverse engineering, log analysis, and a review of the hard disk's contents what the botnet has been doing, you will need to decide whether your organization needs to go public with the attack. If client information has been compromised, you will need to contact the people whose information may have been obtained by an attacker. However, if computers were being used to send spam or distribute innocuous files on the hard disk, you may decide to fix the problem and keep it quiet. Unfortunately, even though ethics may lead you to involve law enforcement, decision makers in the organization may decide that announcing their systems were insecure is bad for business and keep the incident an internal matter.
Are You 0wned?
The Stealing of Personal Information
In October 2006, Brock University experienced the embarrassing situation of its systems being hacked, and the personal information of upwards of 70,000 alumni and other donators being stolen. The information of possibly every person who had ever donated to the university was accessed, including credit card and banking information. The university contacted police to investigate the incident, and contacted those people whose information may have been stolen. Within 24 hours, people were contacted via telephone and thousands of letters were sent to inform donators of this breach in security. While the investigation continues at the time of this writing, the university followed up by having the security of its systems reviewed and improvements made. Damage control also involved responding to the media, and informing the public that steps were being taken to repair vulnerabilities and improve security.

Although the university was caught in a bad situation, the handling of it is a textbook case of how to properly respond to an incident.