DENVER - (Business Wire) Warning that both domestic and foreign cyber terrorists are smarter than ever, computer security experts at Ensuren Corporation are concerned that this summer
’s Democrat and Republican national conventions could be easy targets unless security staffs take aggressive steps to identify and repel organized cyber attacks.
“It’s a good bet the cyber terrorists are already planning on ways to disrupt these two international public events in order to embarrass the U.S. before the world,” said Ken Miller, CEO of Denver-based Ensuren Corp., which provides layered security solutions for critical infrastructure such as power plants, refineries, water treatment, and transit systems.
Ensuren said the 2008 conventions can expect a higher level of threat from cyber terrorists than the 2004 conventions because domestic and international cyber terrorists are more organized and better coordinated now, more aggressive and better funded, and there is more wired and wireless Internet connectivity now than ever before.
The Democratic National Convention is set for late August in Denver, and the Republican Convention is in Minneapolis in September. While physical security is expected to be extensive, Ensuren is concerned that since both conventions and their participants will be running interconnected networks, and there is likely to be wireless computer access from the convention floor, controlling cyber terrorists will require sophisticated computing architecture such as:
- Compartmentalization of the convention networks, which is cordoning off disparate networks electronically within the event arena, to prevent cyber terrorists from attacking an entire computer system. Using compartmentalization strategies allows security personnel to contain breaches in a small area rather than allowing widespread propagation.
- Layering of security systems at network gateways, including numerous firewalls and other security devices through which cyber terrorists will find it difficult or impossible to penetrate.
- Wireless networks should be treated as untrusted networks that will be compromised and should be firewalled accordingly. Wireless networks should be used only for monitoring or “view only” functions.
- Prohibiting the use of portable media (i.e., USB devices) which support propagation of malware throughout the convention floor, especially in wireless environments.
- Use of “cleansed” convention-supplied computer equipment so the threat of compromise (intended or unintended) from third-party vendor systems is minimized.
- Intense background screening, employment checks, and physical scanning of personnel, laptops and desktops at entry points to limit transport of devices containing malware. Vendors and the media may have been unknowingly compromised weeks before the events.
- Appointing a single entity (i.e., Security Officer) responsible for overall security so this person can implement and manage a holistic strategy for both physical and cyber security.
“Cyber terrorists are going to try to make one or both parties look untrustworthy, disorganized, and inept in their ability to run a convention, and that could be a big embarrassment that affects voting in November,” Ensuren said.
For more information, please visit www.ensuren.com.
For Ensuren Corporation, Denver
Andy Bowen, 813-251-8720
