FBI, DOJ Issue List of Worst Net Threats

[William Knowles <wk () C4I ORG>]

http://www.thestandard.net/article/display/0,1151,15608,00.html

By Elinor Abreu
May 31, 2000

The FBI, the Department of Justice and the System Administration,
Networking and Security Institute are jointly releasing a list
detailing the 10 most critical Internet security threats and how to
eliminate them.

While those threats are mostly of concern to network administrators,
the SANS Institute also released a list of the five worst security
mistakes committed by average computer users.

Not surprisingly, at the top of that list is opening unsolicited
e-mail attachments without verifying their source or checking their
content. Apparently, people haven't yet learned the security lessons
of the "ILoveYou" virus, as messages containing the virus are still
being sent nearly a month after it was unleashed causing an estimated
$6.7 billion worth in damage.

No. 2 on the list is failing to install security patches, especially
for Microsoft Office, Microsoft Internet Explorer and Netscape
browsers. Installing screen savers or games from unknown sources is
next, followed by not making and testing backups, and then using a
modem while connected through a local area network.

But average computer users aren't the only ones leaving themselves
open to attack. The SANS Institute also points an accusatory finger at
senior executives and information technology experts.

[...]

Sans Top 10 Internet Security Threats List:
http://www.sans.org/topten.htm


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".