ACK! -- CONTINUED
Dustin Decker
dustind at moon-lite.com
Sun Apr 20 14:56:33 CDT 2003
On Sun, 20 Apr 2003, Zscoundrel wrote:
> Contact the FBI. This is an INTERSTATE jurisdiction, and unless the ISP
> starts to cooperate, they are guilty of colusion because by not
> cooperating, they are protecting the perpetrator.
Yeah - good luck with that. Unless you can prove substantial monetary
loss (like > $10K) has occured due to the hack, the good ol' boys at the
FBI aren't going to be much help to you. They're only interested in
high-profile cases that get press, and stand a good chance of more than a
slap on the wrist when prosecuted.
Treat the current break in as a lesson - learn from it, and recover. Move
on, and take up a more secure posture. Expect it to happen again.
As "Bruce" wouls say, "Security is a process, not a product." Information
Security is nothing more than a game of risk management. It's not a
matter of _if_ you'll get hacked, more a matter of "when" and what to do
about it when it happens.
Do some research on qualitative and quantitative risk analysis with annual
rates of occurance, annual loss expectencies, and stuff like that. It
will change the way you look at these issues, and more importantly, how
you prepare and respond.
Happy Easter ya'll!
D.
--
o-----------------------------------o
| Dustin Decker - CNA, MCP |
| dustin at dustindecker.com o-------------------------------------o
| Network Engineer | |
| Preferred Physicians Group | |
o-------------------------------| E = MC ** 2 +- 3db |
| |
| |
o-------------------------------------o
More information about the Kclug
mailing list