Attack Reports and Responses

A joint study of U.S. government computer security by the FBI and the Computer Security Institute released on March 7 reported viruses and system penetration as the most frequent types of attacks or misuse detected, each reported by more than 50% of 104 respondents. An article on the report by Heather Harrald in Government Computer News also reported that most attacks on government systems resulted from Internet access, reversing the trend of insider attacks by employees being the most likely source of attack.

An(other) attack on a NASA web page prompted that agency to adopt a policy of placing all public access servers outside of an agencywide firewall. Users behind the firewall will have their WWW access limited to sites identified as "necessary for business."

The U.S. Army officially announced the creation of its own Computer Emergency Response Team, ACERT (though it was reported that the team was "activated" last September). The Army was the last of the services to create such a team.

NIST created a Federal Computer Incident Response Capability (FedCIRC) web site, where you can find that in October through December 1996 FedCIRC responded to 13 hotline calls, among other things. The organization was launched last November 7; NIST subcontracts the operational incident handling capability to DARPA's CERT at CMU/SEI and Dept. of Energy's CIAC. NIST's responsibilities include managing the operation and utilizing the vulnerability data collected by FedCIRC.