Terrorist attacks prompt FBI cyber-warning

Are your computer files vulnerable?

In the wake of the Sept.11 terrorist attacks, the Federal Bureau of Investigation’s National Infrastructure Protection Center has issued an advisory notice that it "expects to see an upswing" in computer-related crime. The two most likely forms of criminal computer activity the FBI expects to increase include patriotic "hacktivism," or computer hacking by both domestic and foreign fringe groups, and new viruses introduced into computer networks.

In addition, many pros predict more disgruntled present and former employees will be prompted by recent events to use computer virus bombs to get even with employers. "A significant increase in cyber attacks is likely," agrees a separate study by the Gartner Group, a Stamford, CT-based consulting firm. "Enterprises must understand this threat and take action to limit their vulnerabilities."

Here is a list of things the Gartner Group says organizations can do to help protect their communications and information systems from cyber-terrorists:

• Form an internal cyber-incident response team, or contract with an outside vendor to monitor your Internet activity.

• Monitor any web sites your practice operates or is linked to for bugs.

• Contact third-party providers as needed. If internal security procedures are not adequate, contact a managed security service provider or consultant.

• Educate users. Tell them to expect an increase in unwanted "cyber activity."

• Establish phone numbers or e-mail addresses for reporting suspicious activities.

• Set up multiple communication methods. Make sure decision-makers and response team members have more than one method available to them, such as landline and wireless telephones and e-mail technology.

• Update and distribute contact information for all your staff, key vendors, and business contacts.

• Update virus protection on remote laptops and home computers of staff that interact with office systems.

• Review vendors’ computer security policies.

• Evaluate and test physical security procedures, including access to facilities and interaction with electronic systems. Review procedures for background checks for individuals with access to key information or resources.

• Update virus detection signatures daily, if not more frequently. Scan for viruses at the firewall or server. If scanning network computers, remember that many users manually shut down their scans if they are executed during business hours.

• Initiate vulnerability assessments. These should be performed by trained security professionals, not internal administrators, Gartner advises.

• Disable all inactive accounts. Examine user account lists on all systems, removing all unnecessary or default accounts.

• Change passwords on root or administrator accounts.

• Review help desk and password reset procedures.