[Banking_and_finance] Daily News 08.26.03 (fwd)
Johannes B. Ullrich
jullrich at sans.org
Tue Aug 26 17:19:00 EDT 2003
> The computer part is the easy part.
agreed. they just do what they are told. It has been said many time. But
security starts with a good security policy. Next you can think about
what technologies to use to enforce this policy.
With respect to the bank: I think the main failure in this case was
realizing that something bad happened. shi* happens. But at least you
have to know that it happened and act quickly to limit the damage. But I
bet the site was hosted in some colo-facility and it took them a while
to get someone to pull the plug.
--
SANS - Internet Storm Center
http://isc.sans.org
PGP Key: http://isc.sans.org/jullrich.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.blu.org/pipermail/discuss/attachments/20030826/7c680ca7/attachment.sig>
More information about the Discuss
mailing list