McConnell claims that his sister used Nortel’s Joint Automated Booking System ('JABS') to book Serco’s Base One black hats into the Pentagon City Sheraton Hotel for the 2001 Global Guardian joint exercises where the late Captain Chic served as decoy – his plane being vaporized in an Atlantic drop zone – while the real target was destroyed and hotel-based triage teams ensured no one survived who witnessed the MI-3 Innholders honeypot hits on the Pentagon U.S. Navy Command Center.
Serco’s (formerly RCA GB 1928) honeypot hotels and triaged crime scenes:
Royal Hawaiian Hotel and the triage of Pearl Harbor
Lawrence Hotel and the triage of JFK
Hotel Ritz Paris and the triage of Princess Di
Sheraton Pentagon City Hotel and the 9/11 triage on the Pentagon Lawn
Edgeware Road Hilton Hotel and the 7/7 triage of Mohammad Sidique Khan
Abbott Gardens Hotel, Pakistan and the triage of Osama bin Laden
Hotel Inter-Continental Kabul and the triage of Seal Team 6
Charlesmark Hotel and the triage at the Boston Marathon
Tibesti Hotel and the 9/11/2012 triage of Ambassador Stevens in Benghazi
Residence Inn (Marriott) and the triage of Aaron Alexis in the Navy Yard
Holiday Inn Glasgow and the triage of police helicopter crash on Clutha pub
Regent Grand Hotel Bordeaux and the triage of Kok Lam’s Brilliant helicopter
Disambiguation:
MI-3B = Livery Company patent-pool supply-chain users of Privy Purse and Forfeiture Fund Marcy (Forfeiture Fund – KPMG Small Business Loan Auction – Con Air Medical JABS)
+ Inkster (Privy Purse – KPMG tax shelter – RCMP Wandering Persons – Loss Adjuster fraud)
+ Interpol (Berlin ‘41-‘45 – Operation Paperclip Foreign Fugitive – William Higgitt – Entrust)
+ Intrepid (William Stephenson – GAPAN, Mariners patent pools – Wild Bill Pearl Harbor 9/11) +Baginski (Serco Information Technologists Skynet sodomite mesh, KPMG Consulting Tillman)
MI-3 = Marine Interruption Intelligence and Investigation unit set up in 1987 to destroy above
McConnell’s Book 12 www.abeldanger.net shows agents in his Marine Interruption, Intelligence and Investigations (MI-3) group mingling in various OODA exit modes with agents of the Marcy Inkster Interpol Intrepid (MI-3) Livery protection racket based at Skinners’ Hall, Dowgate Hill.
Prequel 1: #1799: Marine Links Obama MI-3 Innholders to Serco Base One Honeypot, Triage of SEAL Team 6
Prequel 2: 12-17-2013 #1790 Marine Links MI-3 Serco Hotel Internet Triage to Clinton’s Sheraton Angleterre Pentagon Bomb
Prequel 3: Captain Gerald DeConto - Exercise Went Live - US Naval Communications Center was taken out on 9/11
Serco's honeypot tester for the Pentagon Renovation Program!
“Pentagon Attack Footage
The Suppression of Video Footage of the Pentagon Attack
It is striking that there is neither video footage nor any photographic evidence in the public domain showing a jetliner approaching or crashing into the Pentagon. As of May, 2006, the only video footage of the crash that has been released are clips from two Pentagon security cameras north of the crash site, one the source of 5 frames leaked in 2002.
With the release of the two video clips, the Pentagon claims to have supplied all of the footage it has of the attack. Although the number and positions of security cameras monitoring the Pentagon is not public knowledge, it seems unlikely that only two security cameras captured the attack. Isn't it reasonable to assume that there were dozens, if not hundreds, of security cameras ringing the huge building that is the heart of the United States military establishment?
Videos Outside the Pentagon Seized
Not only has the government refused to release footage that would clearly show how the Pentagon was attacked, it has also seized footage not belonging to the military. The FBI confiscated video recordings from several private businesses near the Pentagon in the immediate aftermath of the attack. Those recordings, if they still exist, might provide decisive evidence about the attack.
The FBI visited a hotel near the Pentagon to confiscate film from a security camera which some hotel employees had been watching in horror shortly after the attack. The FBI denied that the footage captured the attack. 1
The FBI visited the Citgo gas station southwest of the Pentagon within minutes of the attack to confiscate film that may have captured the attack. According to Jose Velasquez, who was working at the gas station at the time of the attack, the station's security cameras would have captured the attack.”
“Shoestring 9/11 SATURDAY, 2 FEBRUARY 2008
According to the official account of 9/11, American Airlines Flight 77--which supposedly crashed into the Pentagon--was hijacked shortly after 8:51 a.m. on September 11, 2001. This claim is so central to the U.S. government's story that we would reasonably expect it to have been proven. Yet a closer analysis of the evidence shows that, in fact, it appears preposterous.
THE TOUGH PILOT
THE TOUGH PILOT
The first thing to recognize when evaluating the official Flight 77 story is that the plane's pilot was a former military man, and a genuinely tough guy. Captain Charles "Chic" Burlingame had graduated from the United States Naval Academy in 1971. He served eight years on active duty as a fighter pilot, and served several tours at the Navy's elite Top Gun school. He then spent 17 years in the Naval Reserve before retiring from the military in 1996. [1] During his military career, he had tours in Vietnam and the 1991 Gulf War. [2] His sister Debra Burlingame described him as "a guy that's been through SERE [Survival Evasion Resistance Escape] school in the Navy and had very tough psychological and physical preparation." She said, "If there was any chance of saving [Flight 77], this was the kind of guy who would have been able to do that." [3] Admiral Timothy Keating was a good friend of Burlingame's, having been a classmate of his in the Navy and attended flight school with him. He told CNN: "I was in a plebe summer boxing match with Chic, and he pounded me. ... Chic was really tough." [4] Even up to his death Burlingame enjoyed boating, in-line skating, and weightlifting, and was "in great shape," according to his friend Steve Brooks. [5]
Surely it would take a particularly formidable team of terrorists to wrestle control of a plane from a man like this? Yet here is where the official story falls apart at the first hurdle. The supposed hijackers in fact appear to have been a group of weaklings.
THE FEEBLE HIJACKERS
The five men who allegedly hijacked Flight 77 comprised of a pilot, Hani Hanjour, and four "muscle" hijackers who'd been tasked with storming the cockpit and controlling the passengers: Majed Moqed, Khalid al Mihdhar, Nawaf al Hazmi, and his brother Salem al Hazmi. However, as the 9/11 Commission pointed out, "The so-called muscle hijackers actually were not physically imposing," with the majority of them being between 5'5" and 5'7" in height, "and slender in build." [6] As their ID cards have revealed, Salem al Hazmi was just 5'4" tall and Khalid al Mihdhar's was 5'6". [7]
Between September 2 and September 6, 2001, about a week before the attacks, the five alleged hijackers attended Gold's Gym in Greenbelt, Maryland, where, reportedly, they were "awkwardly lifting weights and using resistance machines." [8] Gold's Gym regional manager Spero Courtis has described, "They seemed not to really know what they were doing." [9] According to Gene LaMott, the CEO of Gold's Gym International Inc.: "They weren't on the masculine side. They looked like students from the university." [10]
Heading this group of supposed mass murderers was Hani Hanjour, the alleged suicide pilot said to have crashed Flight 77 into the Pentagon. This 29-year-old from Saudi Arabia was "barely over 5 feet tall, skinny and boyish," according to the Washington Post. [11] Not only was he physically unimposing, he was also quite a nice man, according to several people who met him. In spring 1996, he'd stayed for a month in Miramar, Florida, in the home of Adnan Khalil, a Saudi professor at a local college, and his wife Susan. The Khalils have recalled Hanjour being "mousey and gentle, with a weak personality." Susan Khalil has commented, "I didn't get the feeling that he hated me or hated Americans." [12] He also liked children. Susan Khalil recalled, "He was very kind and gentle to my son, who was 3 years old." [13] Early in 2001, Hanjour attended the JetTech flight school in Phoenix, Arizona. [14] According to Marilyn Ladner, a vice president at the Pan Am International Flight Academy, which operated the school: "The staff thought he was a very nice guy. ... There was no suspicion as far as evildoing." [15] After 9/11, Abulrahman Hanjour, Hani's older brother, described the family's feelings: "We thought that he liked the USA. ... I would think he would give his life to save lives, not to do this." [16]
THE IMPOSSIBLE HIJACKING
Yet this apparently sweet and gentle little man, along with his four physically unimposing colleagues, are meant to have become a gang of killers on 9/11. Here, in the words of the 9/11 Commission, is what they are alleged to have done: "Between 8:51 a.m. and 8:54 a.m., the hijackers began their takeover of the aircraft. They initiated and sustained their command of the aircraft using knives and box cutters (reported by one passenger) and moved all of the passengers (and possibly crew) to the rear of the aircraft (reported by one flight attendant and one passenger)." However, "Neither of the firsthand accounts to come from Flight 77, from a flight attendant and from a passenger, mentioned any actual use of violence (e.g., stabbings) or the threat or use of either a bomb or Mace." [17] I guess we are supposed to believe the passengers and crew were so terrified by these puny little men that they just submitted to them without a fight.
Charles Burlingame and his co-pilot David Charlebois appear to have lost control of Flight 77 within the space of just a few minutes. At 8:54, three minutes after its last routine radio communication, the plane veered off its assigned course. Two minutes later, its transponder--a small radio transmitter that sends information about a plane to controllers--was switched off. [18] In other words, five short, weak men were supposedly able to seize control from Burlingame--a highly trained former military man who enjoyed weightlifting and was described as "really tough"--in about three minutes.
Although neither of the two alleged callers from Flight 77 mentioned any violence having occurred, Burlingame's younger brother Mark has commented: "I don't know what happened in that cockpit, but I'm sure that [the hijackers] would have had to incapacitate [Charles Burlingame] or kill him because he would have done anything to prevent the kind of tragedy that befell that airplane." [19] Burlingame's friend Timothy Keating remarked that "the terrorists had to perform some inhumane act to get him out of that cockpit, I guarantee you." [20] And indeed, according to Virginia Senator John Warner, "the examination of his remains ... indicated Captain Burlingame was in a struggle and died before the crash, doing his best to save lives on the aircraft and on the ground." [21] Former Senator George Allen said the FBI had determined that Burlingame was bludgeoned to death. [22]
This story is ridiculous. There is no way five weaklings could have seized control of Flight 77, in the process beating Charles Burlingame to death, all within a few minutes. The most crucial questions therefore remain uninvestigated and unanswered: Who really killed Charles Burlingame? And what actually happened that day?”
“N.J. HI-RISE 'ARSON' KILLS DAUGHTER OF PENTAGON PILOT
December 6, 2006 -- The daughter of the 9/11 pilot whose hijacked American Airlines passenger jet crashed into the Pentagon died in a suspicious fire at a 50-story high-rise overlooking the Hudson River in New Jersey yesterday.
The charred body of Wendy Burlingame was discovered by firefighters at around 3:30 a.m.
Her dad, Capt. Charles "Chic" Burlingame, was at the controls of Flight 77 when terrorists overpowered the crew and plowed the jet into the defense complex, killing 184 people.
Yesterday, homicide detectives and fire marshals were sifting through the still-warm ashes in the 10th-floor burned-out apartment in the luxury Galaxy residential complex in Guttenberg, on the banks of the Hudson.
A month ago, Burlingame, 33, picked up stakes, sold her lucrative online dating service in Pittsburgh and moved to New Jersey to live with her long-time boyfriend, Kevin Roderick, relatives said.
Roderick, an Army veteran, escaped unscathed when the deadly blaze broke out in the bedroom at 12:03 a.m.
Hudson County Prosecutor Edward De Fazio said that "drinking might have been involved" but did not elaborate.
He said the quick-spreading, four-alarm fire "has been ruled suspicious," but that no accelerant had been used.
Neighbors who live directly below the apartment reported hearing scurrying footsteps and then a mysterious "thump" just minutes before the blaze broke out.
"We usually hear them upstairs, but last night it was louder than usual," said Sebastian Rojas.
"It sounded like somebody was moving something or someone was moving very fast and then it sounded like something was dropped. It wasn't like an explosion. The best I can say it was like a thump."
"The investigation is in very preliminary stages. It's not a homicide at this point," De Fazio said, explaining that "the homicide squad is called in any fire where there is a death."
Burlingame's body was found in the hallway between the kitchen and bedroom. The couple's two dogs also died.
Police questioned and released Roderick. He told them he thought Burlingame "was behind him" when he fled the smoky apartment.
Flames could be seen shooting 20 feet into the night sky before it was brought under control some three hours later.
Burlingame was the niece of Debra Burlingame, the sister of the slain pilot. Debra Burlingame was a frequent guest on TV news shows about the 9/11 attacks and often spoke eloquently about her older brother.
"I just found out and I just can't speak," Debra said of her niece's death. "I'm devastated. This poor girl, this poor family, they've already been through so much. This is a nightmare."
At her father's funeral in Arlington Cemetery in 2001, Wendy Burlingame was photographed with her son Jack, now 9, leaning over the coffin.
Relatives said the boy was with his dad in Texas and hadn't been told the tragic news.
Wendy Burlingame's mom, Nancy Perfect, and sister, Merion, of Ocean City, N.J., arrived at the building complex around dusk.
Merion said she had spent the night chatting with her sister online.
Burlingame's mother held back tears and said, "I just had to come to see for myself."
"She was supposed to come and see me. I talked to her for a long time on the phone and she was planning to come down for a few days."
Perfect said Burlingame and Roderick adored each other.
In Pittsburgh, Wendy Burlingame ran a dating service called Great Expectation. "She loved it," Perfect said. "She could sell anybody anything. She was just wonderful, beautiful, energetic."”
http://www.nypost.com/seven/
December 6, 2006 -- The daughter of the 9/11 pilot whose hijacked American Airlines passenger jet crashed into the Pentagon died in a suspicious fire at a 50-story high-rise overlooking the Hudson River in New Jersey yesterday.
The charred body of Wendy Burlingame was discovered by firefighters at around 3:30 a.m.
Her dad, Capt. Charles "Chic" Burlingame, was at the controls of Flight 77 when terrorists overpowered the crew and plowed the jet into the defense complex, killing 184 people.
Yesterday, homicide detectives and fire marshals were sifting through the still-warm ashes in the 10th-floor burned-out apartment in the luxury Galaxy residential complex in Guttenberg, on the banks of the Hudson.
A month ago, Burlingame, 33, picked up stakes, sold her lucrative online dating service in Pittsburgh and moved to New Jersey to live with her long-time boyfriend, Kevin Roderick, relatives said.
Roderick, an Army veteran, escaped unscathed when the deadly blaze broke out in the bedroom at 12:03 a.m.
Hudson County Prosecutor Edward De Fazio said that "drinking might have been involved" but did not elaborate.
He said the quick-spreading, four-alarm fire "has been ruled suspicious," but that no accelerant had been used.
Neighbors who live directly below the apartment reported hearing scurrying footsteps and then a mysterious "thump" just minutes before the blaze broke out.
"We usually hear them upstairs, but last night it was louder than usual," said Sebastian Rojas.
"It sounded like somebody was moving something or someone was moving very fast and then it sounded like something was dropped. It wasn't like an explosion. The best I can say it was like a thump."
"The investigation is in very preliminary stages. It's not a homicide at this point," De Fazio said, explaining that "the homicide squad is called in any fire where there is a death."
Burlingame's body was found in the hallway between the kitchen and bedroom. The couple's two dogs also died.
Police questioned and released Roderick. He told them he thought Burlingame "was behind him" when he fled the smoky apartment.
Flames could be seen shooting 20 feet into the night sky before it was brought under control some three hours later.
Burlingame was the niece of Debra Burlingame, the sister of the slain pilot. Debra Burlingame was a frequent guest on TV news shows about the 9/11 attacks and often spoke eloquently about her older brother.
"I just found out and I just can't speak," Debra said of her niece's death. "I'm devastated. This poor girl, this poor family, they've already been through so much. This is a nightmare."
At her father's funeral in Arlington Cemetery in 2001, Wendy Burlingame was photographed with her son Jack, now 9, leaning over the coffin.
Relatives said the boy was with his dad in Texas and hadn't been told the tragic news.
Wendy Burlingame's mom, Nancy Perfect, and sister, Merion, of Ocean City, N.J., arrived at the building complex around dusk.
Merion said she had spent the night chatting with her sister online.
Burlingame's mother held back tears and said, "I just had to come to see for myself."
"She was supposed to come and see me. I talked to her for a long time on the phone and she was planning to come down for a few days."
Perfect said Burlingame and Roderick adored each other.
In Pittsburgh, Wendy Burlingame ran a dating service called Great Expectation. "She loved it," Perfect said. "She could sell anybody anything. She was just wonderful, beautiful, energetic."”
http://www.nypost.com/seven/
“The September 11 attacks in 2001 occurred during that year's. That year, according to the 9/11 Commission Report, Vigilant Guardian 'postulated a bomber attack from the former Soviet Union' on North America. The Russian 37th Air Army was, in fact, conducting major bomber exercises across the Arctic and Atlantic at this time, amongst the largest carried out by them since 1993. Both the American and the Russian exercises were cancelled after the attack.
The National Commission on Terrorist Attacks Upon the United States investigated the possibility that Vigilant Guardian preparations compromised the military's response to the attacks on September 11. They concluded that the exercise may have had, in fact, the effect of expediting the response to the attacks.
On page 17 of the 9/11 Commission Report when Boston center calls NEADS (Northeast Air Defense Sector), the response from NEADS was "is this real world or exercise?". According to the 9/11 Commission's staff statement No. 17,[1]for instance, page 26 of the Commission's final report documents FAA's report of a "phantom flight 11" at9:21,[2] 35 minutes after the real flight 11 crashed into the WTC and even longer after the war games are alleged to have been aborted. However, General Ralph Eberhart told the 9/11 Commission “it took about 30 seconds” to make the adjustment to the real-world situation (note 116 to chapter 1).
The Vigilant Guardian war game was discussed in chapter 1, footnote 116 of the 9/11 Commission Report:
"On 9/11, NORAD was scheduled to conduct a military exercise, Vigilant Guardian, which postulated a bomber attack from the former Soviet Union. We investigated whether military preparations for the large-scale exercise compromised the military's response to the real-world terrorist attack on 9/11. According to General Eberhart, "it took about 30 seconds" to make the adjustment to the real-world situation. Ralph Eberhart testimony, June 17, 2004. We found that the response was, if anything, expedited by the increased number of staff at the sectors and at NORAD because of the scheduled exercise. See Robert Marr interview (Jan. 23, 2004)."
Hackers aren’t inherently bad — the word “hacker” doesn’t mean “criminal” or “bad guy.” Geeks and tech writers often refer to “black hat,” “white hat,” and “gray hat” hackers. These terms define different groups of hackers based on their behavior.
The definition of the word “hacker” is controversial, and could mean either someone who compromises computer security or a skilled developer in the free software or open-source movements.
Black Hats
Black-hat hackers, or simply “black hats,” are the type of hacker the popular media seems to focus on. Black-hat hackers violate computer security for personal gain (such as stealing credit card numbers or harvesting personal data for sale to identity thieves) or for pure maliciousness (such as creating a botnet and using that botnet to perform DDOS attacks against websites they don’t like.)
Black hats fit the widely-held stereotype that hackers are criminals performing illegal activities for personal gain and attacking others. They’re the computer criminals.
A black-hat hacker who finds a new, “zero-day” security vulnerability would sell it to criminal organizations on the black market or use it to compromise computer systems.
Media portrayals of black-hat hackers may be accompanied by silly stock photos like the below one, which is intended as a parody.
White Hats
White-hat hackers are the opposite of the black-hat hackers. They’re the “ethical hackers,” experts in compromising computer security systems who use their abilities for good, ethical, and legal purposes rather than bad, unethical, and criminal purposes.
For example, many white-hat hackers are employed to test an organizations’ computer security systems. The organization authorizes the white-hat hacker to attempt to compromise their systems. The white-hat hacker uses their knowledge of computer security systems to compromise the organization’s systems, just as a black hat hacker would. However, instead of using their access to steal from the organization or vandalize its systems, the white-hat hacker reports back to the organization and informs them of how they gained access, allowing the organization to improve their defenses. This is known as “penetration testing,” and it’s one example of an activity performed by white-hat hackers.
A white-hat hacker who finds a security vulnerability would disclose it to the developer, allowing them to patch their product and improve its security before it’s compromised. Various organizations pay “bounties” or award prizes for revealing such discovered vulnerabilities, compensating white-hats for their work.
Gray Hats
Very few things in life are clear black-and-white categories. In reality, there’s often a gray area. A gray-hat hacker falls somewhere between a black hat and a white hat. A gray hat doesn’t work for their own personal gain or to cause carnage, but they may technically commit crimes and do arguably unethical things.
For example, a black hat hacker would compromise a computer system without permission, stealing the data inside for their own personal gain or vandalizing the system. A white-hat hacker would ask for permission before testing the system’s security and alert the organization after compromising it. A gray-hat hacker might attempt to compromise a computer system without permission, informing the organization after the fact and allowing them to fix the problem. While the gray-hat hacker didn’t use their access for bad purposes, they compromised a security system without permission, which is illegal.
If a gray-hat hacker discovers a security flaw in a piece of software or on a website, they may disclose the flaw publically instead of privately disclosing the flaw to the organization and giving them time to fix it. They wouldn’t take advantage of the flaw for their own personal gain — that would be black-hat behavior — but the public disclosure could cause carnage as black-hat hackers tried to take advantage of the flaw before it was fixed.
“Black hat,” “white hat,” and “gray hat” can also refer to behavior. For example, if someone says “that seems a bit black hat,” that means that the action in question seems unethical.”
“Serco’s Office of Partner Relations (OPR) helps facilitate our aggressive small business utilization and growth strategies. Through the OPR, Serco mentors four local small businesses under formal Mentor Protégé Agreements: Three sponsored by DHS (Base One Technologies, TSymmetry, Inc., and HeiTech Services, Inc.,) and the fourth sponsored by GSA (DKW Communications, Inc.). Serco and HeiTech Services were awarded the 2007 DHS Mentor Protégé Team Award for exceeding our mentoring goals.”
“Base One Technologies – Corporate Strategy – We are a Government Certified Women-Owned Business
We practice Diversity Recruitment and Staffing for IT positions .. Because of our affiliations we have access to pools of resources among more diverse groups & individuals. We work with a large pool of minority professionals who specialize in IT skills. We are able to have access to these resources through our status as a D/MWBD firm and our affiliations. These affiliations assist us in working with resources among more diverse groups & individuals. We are also partnered with firms that are 8A certified as Minority firms, Disabled Veteran firms, Native American firms, Vietnam veteran firms, women owned firms. Our hub zone location keeps us close to the professional organizations of great diversity. We are active in recruiting from and networking with these community organizations of local IT professionals. This has given us access to a large pool of diversity talent. .. This is why Base One Technologies concentrates on diversity recruitment in the belief that a diverse team gives us a greater advantage in creating cutting edge solutions. … Information Security Planning is the process whereby an organization seeks to protect its operations and assets from data theft or computer hackers that seek to obtain unauthorized information or sabotage business operations. .. Key Clients Benefiting From Our Information Security Expertise: Pentagon Renovation Program, FAA, Citigroup, MCI. Base One Technologies .. Develops, implements and supports Information Security Counter measures such as honey-pots and evidence logging and incident documentation processes and solutions.”
“MI2G http://www.mi2g.com/cgi/mi2g/
Hacker attacks on Web sites have cost e-businesses millions of pounds. Ignoring the threats could result in big losses, so companies should take steps to minimise their risks, reports Paola di Maio
Recent denial of service attacks on some of the most popular sites on the Web have raised security up the e-trade agenda. Last February, hackers temporarily disabled sites at Yahoo, CNN, E*Trade and ZDNet. These types of attack are costing firms millions in capitalisation costs, lost revenues and security upgrades, according to analyst firm Yankee Group.
London-based security firm mi2g has been studying such attacks for years. It has found plenty of examples. Last spring, hackers disabled systems of the Ministry of Defence and Nato for 48 hours. US hacker MagicFX broke into eBay, the largest online auction site. Guessing passwords, MagicFX managed to access and modify system software, intercept log-in identities and passwords, read users' keystrokes and amend eBay's Web pages.
On 30 August 1999 the Hackers Unite group accessed Hotmail's systems, causing a big drop in Microsoft's share value. Last September, the United Loan Gunmen (ULG) accessed the Nasdaq stock exchange network. Nasdaq also reported some 'hiccups' last month, but has not disclosed details. In January, a group known as East European Syndicate accessed online music vendor CD Universe and tried to blackmail the parent company, eUniverse. The group stole 300,000 credit card numbers and attempted to sell them over the Internet.
Risk assessment
According to mi2g, most security breaches are caused by disgruntled staff who want to damage their current or former employers.
Some hackers seek financial gain, but most see hacking as an intellectual challenge and are presumably responsible for those attacks that seem pointless to the rest of us. Others can be politically motivated, and express their dissent by disrupting their target's online activities.
'Our research concludes that 60 percent of attacks take place because of a security breach caused by bribed or angry staff, who disclose details of internal systems to third parties,' said DK Matai, mi2g's founder.
'Our recommendation is that the first level of precaution is taken within human resources management monitoring dissatisfaction among employees. Solid legal contracts should be in place that emphasise the consequences of security breaches and make clear that the company will pursue the moles with penal action,' he said.
Cyber attacks can fall into several different categories. These include:
· Denial of service Users cannot access sites.
· Surrogacy The site address is usurped.
· Piracy Data is extracted or manipulated.
· Hazards Vital operational information is manipulated to disrupt an activity.
While firms have long been able to insure against the loss of business information, such policies have failed to keep pace with the increasing risk. The proliferation of Internet applications is making business systems increasingly open and vulnerable.
New categories of risk are appearing that could make businesses lose revenue, and make host organisations liable to third parties for the loss or theft of personal information in their possession. This could include credit card information, medical histories and intellectual property.
The first step in securing a network is to understand exactly what data is available online, who has access to it, and whether adequate protection is in place.
The most widely used method of assessing the likelihood and impact of risk exposure addresses three main areas:
· Prediction What is the current state of the systems? Where are security failures likely, or actually occurring? How effective is the security policy?
· Quantification of impact and prioritisation What failures will cause the most harm? What security risks should be tackled first?
· Management What changes are occurring in an organisation's risk profile? How is security policy addressing those changes?
A survey of City of London financial institutions by mi2g found that four in 10 banks are dissatisfied with their current security provisions and that 5.5 percent had been attacked online at least once.
Some trouble can be avoided by having suitable security policies, and there are a number of IT measures companies can take. 'Firms should regularly review recovery procedures, and maybe keep a unique spare system with a different underlying operating system, so that if the main system is attacked, the spare one kicks in,' said Matai.
Matai acknowledged this is a very expensive solution. 'This option involves the cost of keeping over 50 percent of your computing resources idle, and not every organisation can afford that,' he said.
Another step is securing reference clocks. Ensuring that the date and time of systems cannot be changed is an important precaution to avoid interference with accounts.
High-risk companies should create unique security architectures so that no one knows the whole system design, thus making it difficult to break in.
There are a number of architectural tricks that can be designed into a system, said Matai. These include adding extra layers and what are called 'honey pots' relatively visible and easily accessible areas that lure hackers, leading them to believe that they are inside a network. However, they trigger alarms so administrators know the system is being hacked into.
A security policy should also prioritise remedial action and foster strong encryption, interception and pursuit techniques.
Network and Internet risk management is the combination of legal, technical, personnel and insurance provisions. However, even with proper precautions, eternal vigilance is still required.
SUMMARY
· Recent denial of service attacks on leading Web sites have highlighted the vulnerability of e-businesses.
· Most security threats emanate from disgruntled staff.
· Recent denial of service attacks on leading Web sites have highlighted the vulnerability of e-businesses.
· Most security threats emanate from disgruntled staff.
· Companies should include stringent security rules in staff handbooks.
· Safeguards can be designed into systems. These may include hacker traps, spare systems, and restricting knowledge of the network.”
· Safeguards can be designed into systems. These may include hacker traps, spare systems, and restricting knowledge of the network.”
Links:
PresidentialField Mandate
Abel Danger Blog
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.