June 4, 2007

By Lawrence D. Dietz, Managing Director, Information Security & Legal Support Services, Tal Global Corporation

(Editor’s note: The opinions and copyright for this guest posting belong to Tal Global Corporation)

This bulletin is part of our continuing effort to provide information and analysis to our clients and colleagues. Recently, tiny Estonia, with an estimated population of slightly over 1 million, has learned that productivity and connectivity on the Internet come with the vulnerability born of dependence. Estonia began removing a bronze statue of a World War II-era Russian soldier from a park in Tallinn. As a result, the country has been engaged in what some, like the New York Times, are calling the “first war in cyberspace”. For the past several weeks the country has been defending itself from a barrage of apparently sophisticated and coordinated cyber attacks. Linton Wells II, the US DOD Principal Deputy Assistant Secretary of Defense for Networks and Information Integration, was quoted as saying “This may well turn out to be a watershed in terms of widespread awareness of the vulnerability of modern society.”

Some aspects of the attacks are worth noting. First, there were a number of “waves” of attacks, each with a specific objective in mind. Early waves were designed to explore vulnerabilities and test capacity and defenses. Second, combinations of attack vectors were employed. In particular, a psychological attack was waged on the prime minister by posting a fake letter of apology on his web site. Third, resource augmentation was employed: botnets (networks of computers controlled by hostile parties and available for temporary rental by the highest bidder) were probably rented for selected periods to strengthen the distributed denial of service (DDoS) attack at key points in time.

Defensively, the government categorized its sites and determined which, like the Estonian president’s sites, would be designated low priorities. It also closed off large parts of the network to international traffic. The perpetrators were never identified nor caught.

What does this mean to our clients? If you are a part of the national infrastructure, you may be an unwitting victim of an attack designed as a general attack against the government or the economy. Your systems may be victimized in several ways: taken over and used as potential ‘zombies’ for attacks on others; defaced to advance the attacker’s messages; made the victim of a denial of service; or perhaps even designated for more malicious activity such as deletion of key files or information.

The point is that contingency planning must constantly think ‘out of the box’. A key task is an inventory of critical information and functions. Personally identifiable information (PII), intellectual property and other sensitive data must be segregated and protected by a defense in depth consisting of reinforcing defensive techniques. Alternatives for compartmentalizing networks into discrete, clearly defendable components should be considered, and plans for alternative communications resources should be formulated and tested regularly to ensure transparent implementation.

Information security is certainly a key aspect of today’s governance challenges; another is the protection of critical information such as intellectual property. To get the latest in legal developments and best practices in this area, attend our upcoming June 13th Seminar, Demystifying Trade Secrets Protection Strategies. For more information see: http://www.acteva.com/booking.cfm?bevaID=133433.
