Skip to content
BOL Conferences
Thread Options
#69455 - 03/25/03 02:00 PM "Red" alert security procedures?
Anonymous
Unregistered

Could anyone provide me with some ideas on what your bank is doing (or will be doing) if and when the nation declares a "red alert" status regarding secrurity? I have read reports that some schools will close, services will be limited at other companies, etc... and wondered if anyone has any thoughts on this. Or, maybe there are some mandatory requirements that I am not aware of by the variousl regulatory agencies. Thanks for the help...

Eric

Return to Top
Lending to Servicemembers (SCRA, JWNDAA), War, Terrorism
#69456 - 03/25/03 03:02 PM Re: "Red" alert security procedures?
Andy_Z Offline
10K Club
Andy_Z
Joined: Oct 2000
Posts: 27,748
On the Net
The NIPC has some good info. I would have referred you to Information Bulletin 03-002 as it had some good info in general about steps to take at different levels. Perhaps it was too detailed as it it isn't available on the site any longer. Still, it is worth looking at.
_________________________
AndyZ CRCM
My opinions are not necessarily my employers.
R+R-R=R+R
Rules and Regs minus Relationships equals Resentment and Rebellion. John Maxwell

Return to Top
#69457 - 03/26/03 08:09 PM Re: "Red" alert security procedures?
Jay Offline
Member
Joined: Jan 2003
Posts: 64
We created a disaster team, seminar to our Y2K team, to coordinate everything in the event of red. We established additional contingency steps in our policies, made sure we had adequate emergency supplies at our locations, that people knew how to turn off the HVAC and that telephone trees were set up. We continue to meet on an informal basis monthly.

Return to Top
#69458 - 03/26/03 10:09 PM Re: "Red" alert security procedures?
OnTheEdge Offline
Diamond Poster
Joined: Apr 2002
Posts: 1,677
SmallTown, USA
I was just on ABA's site. I noticed ( but didn't check it out ) a checklist that might be useful.
_________________________
The opinions expressed are mine and do not necessarily reflect those of my employer.

Return to Top
#69459 - 03/28/03 02:16 AM Re: "Red" alert security procedures?
Anonymous
Unregistered

Andy mentioned NIPC's bulletin, that they have removed from their site. I'm such a packrat, I had saved an electronic copy. Here it is:


NIPC - Advisory 03-002
February 11, 2003
" Encourages Heightened Cyber Security as Iraq - US Tensions Increase "
The National Infrastructure Protection Center (NIPC) is issuing this advisory to heighten the
awareness of an increase in global hacking activities as a result of the increasing tensions
between the United States and Iraq.
Recent experience has shown that during a time of increased international tension, illegal cyber
activity: spamming, web defacements, denial of service attacks, etc., often escalates. This
activity can originate within another country, which is party to the tension. It can be state
sponsored or encouraged, or come from domestic organizations or individuals independently.
Additionally, sympathetic individuals and organizations worldwide tend to conduct hacking
activity, which they view as somehow contributing to the cause. As tensions rise, it is prudent to
be aware of, and prepare for this type of illegal activity.
Attacks may have one of several motivations:
* Political activism targeting Iraq or those sympathetic to Iraq by self-described "patriot"
hackers.
* Political activism or disruptive attacks targeting United States systems by those opposed to any
potential conflict with Iraq.
* Criminal activity masquerading or using the current crisis to further personal goals.
Regardless of the motivation, the NIPC reiterates such activity is illegal and punishable as a
felony. The U.S. Government does not condone so-called "patriotic hacking" on its behalf.
Further, even Apatriotic hackers@ can be fooled into launching attacks against their own
interests by exploiting malicious code that purports to attack the other side when in fact it is
designed to attack the interests of the side sending it. In this and other ways Apatriotic hackers@
risk becoming tools of their enemy.
During times of potentially increased cyber disruption, owners/operators of computers and
networked systems should review their defensive postures and procedures and stress the
importance of increased vigilance in system monitoring. Computer users and System
Administrators can limit potential problems through the use of "security best practices"
procedures. Some of the most basic and effective measures that can be taken are:
• Increase user awareness
• Update anti-virus software
• Stop potentially hostile/suspicious attachments at the E-Mail server
• Utilize filtering to maximize security
• Establish policies and procedures for responding and recovery
39
All users should be aware that malicious code (e.g., worms and viruses) can be introduced to
spread rapidly by using patriotic or otherwise catchy titles, encouraging users to click on a
document, picture, word, etc., which automatically spreads the damaging code. For additional
security checklists, please refer to the following sites:
www.cert.org/security-improvement
www.unixtools.com/securecheck
www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools.asp
www.sans.org/topten.htm
The NIPC encourages recipients of this advisory to report computer intrusions and /or other
crime to federal, state, or local law enforcement, their local FBI office
http://www.nipc.gov/incident/cirr.htm. and other appropriate authorities. Recipients may report
incidents online to http://www.nipc.gov/incident/cirr.htm. The NIPC Watch and Warning Unit
can be reached at (202) 323-3204/3205/3206 or nipc.watch@fbi.gov.

Return to Top

Moderator:  Andy_Z