[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] NIPC warnt vor "sicherheitsrelevantem Content" in Webseiten
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
National Infrastructure Protection Center
Internet Content Advisory: Considering The Unintended Audience
Advisory 02-001
17 January 2002
As worldwide usage of the Internet has increased, so too have the vast
resources available to anyone online. Among the information available
to
Internet users are details on critical infrastructures, emergency
response
plans and other data of potential use to persons with criminal intent.
Search engines and similar technologies have made arcane and seemingly
isolated information quickly and easily retrievable to anyone with
access to
the Internet. The National Infrastructure Protection Center (NIPC) has
received reporting that infrastructure related information, available on
the
Internet, is being accessed from sites around the world. While in and
of
itself this information is not significant, it highlights a potential
vulnerability.
The NIPC is issuing this advisory to heighten community awareness of
this
potential problem and to encourage Internet content providers to review
the
data they make available online. A related information piece on
?Terrorists
and the Internet: Publicly Available Data should be Carefully Reviewed?
was
published in the NIPC?s HIGHLIGHTS 11-01 on December 7, 2001 and is
available at the NIPC Web site www.nipc.gov . Of course, the NIPC
remains
mindful that, when viewing information access from a security point of
view,
the advantages of posting certain information could outweigh the risks
of
doing so. For safety and security information that requires
wide-dissemination and for which the Internet remains the preferred
means,
security officers are encouraged to include in corporate security plans
mechanisms for risk management and crisis response that pertain to
malicious
use of open source information.
When evaluating Internet content from a security perspective, some
points to
consider include:
1. Has the information been cleared and authorized for public
release?
2. Does the information provide details concerning enterprise safety
and
security? Are there alternative means of delivering sensitive
security information to the intended audience?
3. Is any personal data posted (such as biographical data, addresses,
etc.)?
4. How could someone intent on causing harm misuse this information?
5. Could this information be dangerous if it were used in conjunction
with other publicly available data?
6. Could someone use the information to target your personnel or
resources?
7. Many archival sites exist on the Internet, and that information
removed from an official site might nevertheless remain publicly
available elsewhere.
The NIPC encourages the Internet community to apply common sense in
deciding
what to publish on the Internet. This advisory serves as a reminder to
the
community of how the events of 9/11/2001 have shed new light on our
security
considerations.
The NIPC encourages recipients of this advisory to report information
concerning criminal activity to their local FBI office
http://www.fbi.gov/contact/fo/fo.htm or the NIPC, and to other
appropriate
authorities. Recipients may report incidents online at
http://www.nipc.gov/incident/cirr.htm , and can reach the NIPC Watch and
Warning Unit at (202) 323-3205, 1-888-585-9078 or nipc -
watch -!
- fbi -
gov .
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.