Advance notice of Web site warning may have helped block attacks

Computerworld |  Security

Early warnings issued by the FBI to four vertical-industry groups about the continuing threat of Web site break-ins by Eastern European organized crime groups may have helped block thousands of copycat attacks against banks and other companies doing business online, according to security analysts.

The warnings, which were sent out at least 19 hours before a public advisory that was released later (see story), demonstrated the importance of the role that the FBI and its National Infrastructure Protection Center (NIPC) can play in efforts to prevent cybercrimes, analysts said.

The NIPC has been criticized for what a former Clinton administration official called its "fundamental inability to communicate" with companies and the security community. The problem, sources said, has been that the FBI treats all potential cybercrimes as law enforcement investigations first and foremost.

There have even been claims that yesterday's warnings, which followed an initial alert about the Eastern European attacks that was issued by the NIPC in December, were little more than a thinly veiled public relations campaign on the part of the agency. But that contention was rejected by several security experts who were involved in yesterday's developments.

William Marlow, vice president and chief strategy officer at New York-based Predictive Systems Inc., said the advance notice about the upcoming advisory helped companies in the financial services industry block "at least 1,600" attempts by hackers to penetrate their defenses yesterday and today.

Predictive Systems operates an Information Sharing and Analysis Center (ISAC) for the financial industry. The NPIC "did an outstanding job of notifying [us] early, which gave the financial institutions time to ensure they were locked down before the announcement went out," Marlow said.

While there have been problems in the past with the sharing of information about security threats by the FBI and the NIPC, Marlow said, the situation is improving. "We now are working through the legal and privacy aspects so that we can [better share information]," he added. "We're very pleased that the NIPC did what they did."

Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question