The National Infrastructure Protection Center (NIPC) has issued an advisory (NIPC Advisory 03-002) to heighten the awareness of an increase in global hacking activities as a result of the increasing tensions between the United States and Iraq.
Recent experience has shown that during a time of increased international tension, illegal cyber activity: spamming, web defacements, denial of service attacks, etc., often escalates. This activity can originate within another country, which is party to the tension. It can be state sponsored or encouraged, or come from domestic organizations or individuals independently. Additionally, sympathetic individuals and organizations worldwide tend to conduct hacking activity, which they view as somehow contributing to the cause. As tensions rise, it is prudent to be aware of, and prepare for this type of illegal activity.
Attacks may have one of several motivations:
Political activism targeting Iraq or those sympathetic to Iraq by self-described “patriot” hackers.
Political activism or disruptive attacks targeting United States systems by those opposed
to any potential conflict with Iraq.
Criminal activity masquerading or using the current crisis to further personal goals.
Regardless of the motivation, the NIPC reiterates such activity is illegal and punishable as a felony. The U.S. Government does not condone so-called “patriotic hacking” on its behalf. Further, even Apatriotic hackers@ can be fooled into launching attacks against their own interests by exploiting malicious code that purports to attack the other side when in fact it is designed to attack the interests of the side sending it. In this and other ways Apatriotic hackers@ risk becoming tools of their enemy.
During times of potentially increased cyber disruption, owners/operators of computers and networked systems should review their defensive postures and procedures and stress the importance of increased vigilance in system monitoring. Computer users and System Administrators can limit potential problems through the use of “security best practices” procedures. Some of the most basic and effective measures that can be taken are:
Increase user awareness
Update anti-virus software
Stop potentially hostile/suspicious attachments at the E-Mail server
Utilize filtering to maximize security
Establish policies and procedures for responding and recovery
href=http://www.ds-osac.org/view.cfm?key=7746534443&type=3D13151D011112>READ MORE HERE (scroll to bottom of page)