30-10-07

It is not because the cyberattack hasn't taken place yet

That the member of the Turkish hacker clan that proclaimed the threat is playing golf. For the moment he or the name of the clan he said he belonged to are waging attacks on the Belgian cyberinfrastructure that are being seen. But they are still defacing numerous sites everywhere else around the world. So they still have all the firing power they would need to launch such an attack.

That in Belgium authorities and security people are playing sitting duck and just waiting to see if something will happen. Have the impression that some people are starting to follow up on the story. In the best case they are studying what happened during the big scale attacks against other countries and have plans ready or are setting them up. Responding to such wide scale attacks without a plan and a coordination would be totally irresponsable. It would multiply the economic impact of such an attack by .........

A worst case scenario is that they are now making an inventory of the sites and infrastructure to attack and are scanning. After that they can wait for the next release of windows patches (and an exploit against unpatched machines at the latest a few days later) or are waiting for a new zero day exploit coming on the black market (for sale). Next week may be critical. If there are no political or military events that change the context, the situation may cool down after that if next week no major attack takes place. (which means 'only' 5 to 20 Belgian .be websites hacked every few days).

In the best case scenario they have understood that another such attack against an European country would do no benefit at all for Turkye.  It will not get them any sympathy for their 'cause' against the PKK and it will not make a good impression while you are negotiating a better 'membership-or-somthing-like-that' deal with the European Community of which the institutions are placed in Brussels, Belgium....  You do not need to be a general to understand this.

So in colours I would say Yellow in Sans terms. Prepare yourself and watch out. If something big happens, it would be between now and the end of next week without any change in the political context. For the rest, control your firewall, your logs, patch your machines, close down the applications, change standard passwords, upgrade older machines, make backups, set up a procedure who to contact and what to do and what everyone should do if something goes wrong and test next week the time you would need to patch all your machines as fast as possible. In that case this announcement is a good case for an exercise. Better be prepared than sorry. (ps I am not a believer in end-of-the-digital-world-conspiracies )

08:49 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.