- Email: [email protected]
Computer systems under siege
Computers
current efforts such as the Defense Department’s Red Book may not be enough. Foreign governments are recognizing the need for security; many are using the Orange ‘Book, the “Department of Defense Trusted Computer System Evaluation Guidelines. ” The Orange Book by itself is of little help, he said, so NSA issued a Yellow Book, “Guidance for Applying the Department of Defense Trusted Computer System Evaluation Guidelines in Specific Environments.” These guides are fine for a stand-alone computer installation, but networks present many different problems. NSA therefore issued a network interpretation of the Orange Book, known as the Red Book, “The Trusted Network Interpretation of the Department of Defense Trusted Computer System Evaluation Guidelines. ” However, much of what is in the Red Book has not been operationally validated, Lane said. Government Computer News, January 22, 1987, p. 19.
Security and Software: Are You Fully Insured?, Claude F. Whitmyer. The article discusses the problems of theft, destruction, disruption and modification of software. It emphasizes the importance of making backups and storing them safely, the use of passwords and encryption, and control of who may make modifications. It should not be assumed that computer software is automatically covered under other insurance policies. A list of insurance organizations that provide special insurance for computer systems is included. The Ofie,
January 1988, p. 54.
Computer Systems Under Siege, Vin McLellan. Computer viruses which could subvert. alter
and Security,
or destroy the computer programs of banks, corporations, the military and the Government have infected personal computer programs at several corporations and universities in the United States, Israel, West Germany, Switzerland, Britain and Italy. Like its biological counterpart, a computer virus can instantaneously clone a copy of itself and then bury those copies inside other programs. All infected programs then become contagious and the virus passes to other computers with which the software comes into contact. The virus can evade the normal controls and barriers that all computers, even those at secure military installations, use to control who has access. Viruses can thrive partly because industry has widely adopted networks despite the fact that these links have generally weakened security. In addition, the widespread adoption of personal computers has included the wide distribution of free, non-copyrighted “public domain” programs. It is in this exchange that virus codes have caused a series of small epidemics. Many companies are trying to contain the spread of viruses by forbidding employees to bring to work uncopyrighted software. The New York Times, January 31, 1988, pp. Dl, 08.
Computer Viruses Spread, Paul E. Schindlerjr. Viral outbreaks have occurred at five universities in the United States and at a Martin Marrietta research facility according to Kenneth Van Wyk. Although thus far limited to universities and research facilities there is nothing inherent in the nature of a virus to prevent it from affecting commercial offices. Government agen-
Vol. 7, No. 3
cies are taking the threat seriously. The National Security Agency’s National Computer Security Center offers advice and software to protect against infection. The easiest precaution is to use only software that comes in factory-sealed containers from reputable dealers, no copies and no executable programs from bulletin boards. Disk containing Command. Corn should be write protected. A list of infected programs is included in the article. Information WEEK, February 22, 1988, pp. 17-18.
Software, Hardware “Vaccines” Stem Threat of Deadly Computer Viruses, Linda Bridges. In recent years, a series of computer “viruses” have contaminated PCs, hard disks and data tiles, inspiring several companies to develop “vaccines” in the form of hardware and software schemes, to safeguard microcomputers. An example of the problem occurred at Lehigh University where more than 100 floppy disks were infected and the data were lost. Two protection products are described in the article. PC Week, March 8, 1988, p. 13.
DOD Fights Off Computer Virus, Frank Ruiz. The Defense Department has moved to prevent computer viruses from sabotaging its computers. Viruses designed to spread automatically from one computer to another and from one disk to another, have struck systems at Hebrew University in Jerusalem, IBM’s regional offices in Florida and the disks and machines of user groups. According to a DOD spokeswoman, computer scientists have installed programming tools and hardware devices to prevent the infiltration of virus programs. The DOD is
325
current efforts such as the Defense Department’s Red Book may not be enough. Foreign governments are recognizing the need for security; many are using the Orange ‘Book, the “Department of Defense Trusted Computer System Evaluation Guidelines. ” The Orange Book by itself is of little help, he said, so NSA issued a Yellow Book, “Guidance for Applying the Department of Defense Trusted Computer System Evaluation Guidelines in Specific Environments.” These guides are fine for a stand-alone computer installation, but networks present many different problems. NSA therefore issued a network interpretation of the Orange Book, known as the Red Book, “The Trusted Network Interpretation of the Department of Defense Trusted Computer System Evaluation Guidelines. ” However, much of what is in the Red Book has not been operationally validated, Lane said. Government Computer News, January 22, 1987, p. 19.
Security and Software: Are You Fully Insured?, Claude F. Whitmyer. The article discusses the problems of theft, destruction, disruption and modification of software. It emphasizes the importance of making backups and storing them safely, the use of passwords and encryption, and control of who may make modifications. It should not be assumed that computer software is automatically covered under other insurance policies. A list of insurance organizations that provide special insurance for computer systems is included. The Ofie,
January 1988, p. 54.
Computer Systems Under Siege, Vin McLellan. Computer viruses which could subvert. alter
and Security,
or destroy the computer programs of banks, corporations, the military and the Government have infected personal computer programs at several corporations and universities in the United States, Israel, West Germany, Switzerland, Britain and Italy. Like its biological counterpart, a computer virus can instantaneously clone a copy of itself and then bury those copies inside other programs. All infected programs then become contagious and the virus passes to other computers with which the software comes into contact. The virus can evade the normal controls and barriers that all computers, even those at secure military installations, use to control who has access. Viruses can thrive partly because industry has widely adopted networks despite the fact that these links have generally weakened security. In addition, the widespread adoption of personal computers has included the wide distribution of free, non-copyrighted “public domain” programs. It is in this exchange that virus codes have caused a series of small epidemics. Many companies are trying to contain the spread of viruses by forbidding employees to bring to work uncopyrighted software. The New York Times, January 31, 1988, pp. Dl, 08.
Computer Viruses Spread, Paul E. Schindlerjr. Viral outbreaks have occurred at five universities in the United States and at a Martin Marrietta research facility according to Kenneth Van Wyk. Although thus far limited to universities and research facilities there is nothing inherent in the nature of a virus to prevent it from affecting commercial offices. Government agen-
Vol. 7, No. 3
cies are taking the threat seriously. The National Security Agency’s National Computer Security Center offers advice and software to protect against infection. The easiest precaution is to use only software that comes in factory-sealed containers from reputable dealers, no copies and no executable programs from bulletin boards. Disk containing Command. Corn should be write protected. A list of infected programs is included in the article. Information WEEK, February 22, 1988, pp. 17-18.
Software, Hardware “Vaccines” Stem Threat of Deadly Computer Viruses, Linda Bridges. In recent years, a series of computer “viruses” have contaminated PCs, hard disks and data tiles, inspiring several companies to develop “vaccines” in the form of hardware and software schemes, to safeguard microcomputers. An example of the problem occurred at Lehigh University where more than 100 floppy disks were infected and the data were lost. Two protection products are described in the article. PC Week, March 8, 1988, p. 13.
DOD Fights Off Computer Virus, Frank Ruiz. The Defense Department has moved to prevent computer viruses from sabotaging its computers. Viruses designed to spread automatically from one computer to another and from one disk to another, have struck systems at Hebrew University in Jerusalem, IBM’s regional offices in Florida and the disks and machines of user groups. According to a DOD spokeswoman, computer scientists have installed programming tools and hardware devices to prevent the infiltration of virus programs. The DOD is
325