Access your Pro+ Content below.
U.S. critical infrastructure security: Highlighting critcal infrastructure threats
This article is part of the September 2004 issue of Information Security magazine
Somewhere in Pakistan's mountainous interior, U.S. and Pakistani operatives last spring discovered a laptop with detailed reconnaissance of American targets. Al Qaeda apparently spent years carefully staking out the headquarters of several high-profile financial firms--Prudential, Citigroup, NYSE, World Bank and the International Monetary Fund. It was a chilling materialization of Osama bin Laden's 2001 edict: "Concentrate on hitting the U.S. economy through all possible means." The Financial Services Information Sharing and Analysis Center (FS-ISAC) wasted no time alerting its members to the threat, even though the intelligence pointed to a physical attack rather than a cyber-strike. "You can't just look at this as a threat of a physical attack. If you have a physical attack that involves cyber-assets, it's considered a cyberattack," says FS-ISAC chairperson Suzanne Gorman. Al Qaeda's objectives were clear: Attack rich and visible components of the nation's critical infrastructure to disrupt the U.S. economy, undermine ...
Access this Pro+ Content for Free!
Features in this issue
Despite heightened post-9/11 security awareness, the U.S. is exposed to numerous critical infrastructure threats.
Emerging Web app security services and products bring source code vulnerabilities to light, writes James C. Foster.
Offshoring is good for business, but lax security practices can torpedo your investment.
Columns in this issue
Would you tell your enterprise security secrets if you could hear others? Lawrence Walsh explains why he thinks communication in the security field is lacking.
Measuring risk and forming best practices relies on learning from past experiences. Analyst Jay Heiser explains how security tactics in the past, echo in todays world.
Do you rush to deploy patches, hot fixes or service packs as soon as possible? Victor Garza explains why this may not necessarily be the right decision.
See why Watchfire's acquisition of Sanctum does not spell the end for web app security.
The information security officer will soon go the way of the dodo bird.