Home > Ask the Security Experts > Network Security Questions & Answers > What defenses can prevent the hijacking of a city's fiber network?
Ask The Security Expert: Questions & Answers
EMAIL THIS

What defenses can prevent the hijacking of a city's fiber network?

Mike Chapple, featured expert EXPERT RESPONSE FROM: Mike Chapple, featured expert

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 25 August 2008
A systems administrator recently tried to take over a San Francisco FiberWAN network, hoping to avoid losing his job after receiving a poor review. What were the flaws in the city's network, and what kinds of controls can help prevent this type of hijacking?

>
According to multiple media reports, Terry Childs, a senior network administrator for the city of San Francisco, recently caused a stir by refusing to allow his supervisors access to the city's fiber network. Before looking at what the city should have done differently, I think it's important to point out that there is still considerable debate as to Childs' intentions, and it's premature to state that he was "hoping to avoid losing his job after receiving a poor review."

That said, it is clear that Childs managed to create an environment in which he was the only individual with administrative access to critical network devices. This is a good example of someone misusing the powerful credentials provided to an administrator, and an organization either not setting -- or not enforcing -- security policy that prevents this type of single-person control.

An enterprise should take two steps to ensure it doesn't fall victim to the same type of ransom attack that Childs perpetrated on San Francisco. To start, create an access policy and verify that administrators are following it. It's inexcusable for a system administrator to possess the only administrative password to any type of device and not have provisions to share it with others. What if Childs were incapacitated or otherwise unable to return to work?

There's one common practice I've seen in many enterprises, and it's fairly low-tech: administrators simply write the password on a piece of paper, seal it in an envelope, sign the back of the envelope and place it in a safe accessible to management. In the event of an emergency, management can retrieve the password from the safe. Administrative passwords are automatically changed after any such use. To ensure that administrators are following this policy, management periodically selects a random sample of systems, retrieves the passwords for them from the safe and attempts to log in to the server, confirming that the password is accurate.

More information:

  • IAM expert David Griffeths explains how to manage user accounts after a layoff.
  • Train for the CISSP exam by learning access control policy and system basics.


    • BROWSE BY TAG
    Network Security,   Enterprise User Provisioning Tools,   Enterprise Identity and Access Management,   Identity Management Technology and Strategy,   Security Awareness Training and Internal Threats,   Information Security Management,   VIEW ALL TAGS

    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



    RELATED CONTENT
    Network Security
    How to set up a split-tunnel VPN in Windows Vista
    What is the difference between static and dynamic network validation?
    Port scan attack prevention best practices
    Securing the intranet with remote access VPN security
    How to prevent network sniffing and eavesdropping
    How to implement virtual firewalls in a complex network infrastructure
    How to manage network bandwidth with distributed ISP bandwidth
    How to edit group policy objects to give a user local admin rights
    How to prevent operating system cloning with AES 256-bit encryption
    How to securely connect a LAN POS to a remote point-of-sale device

    Enterprise User Provisioning Tools
    Quiz: Compliance-driven role management
    Identity lifecycle management for security and compliance
    Content-aware IAM: Uniting user access and data rights
    Is Identity Management as a Service (IDaaS) a good idea?
    Top tactics for endpoint security
    How to edit group policy objects to give a user local admin rights
    Privileged account management critical to data security
    Making the case for enterprise IAM centralized access control
    Lesson 3: How to implement secure access
    Best practices for a privileged access policy to secure user accounts

    Security Awareness Training and Internal Threats
    Health Net breach failure of security policy, technology
    Health Net healthcare data breach affects1.5 million
    Massive T-Mobile UK security breach involves insiders
    Secure your remote users in 2010
    Layoffs prompt insider threat fears, cybersecurity survey finds
    How to use Internet security threat reports
    Creating a HIPAA employee training program
    Successful rogue antivirus hinges on social engineering
    External attacks start with unintentional mistakes, survey finds
    Security technologies fail to address insider threat management

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    AAA server  (SearchSecurity.com)
    authentication, authorization, and accounting  (SearchSecurity.com)
    federated identity management  (SearchSecurity.com)
    logon  (SearchSecurity.com)
    onboarding and offboarding  (SearchSecurity.com)
    password synchronization  (SearchSecurity.com)
    RADIUS  (SearchSecurity.com)
    role mining  (SearchSecurity.com)
    role-based access control (RBAC)  (SearchSecurity.com)
    user profile  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Find Security Solutions for Your Business
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts