A list of eleven specific security recommendations is being sent to RedSiren's clients, including both Fortune 100 and mid-tier companies, and is being made available through RedSiren's web site (http://www.redsiren.com). RedSiren experts will also provide access to its CISSP-certified security professionals to answer questions regarding network security issues. They can be reached at firstname.lastname@example.org.
Among the steps companies should take, according to RedSiren(TM), are:
-- Consider closing down all non-essential connections to the Internet, including mail lists, remote access connections and instant messaging;
-- Review existing security policies, ensuring that they are current, fully implemented, managed to and vigorously enforced; and
-- Review network firewall configurations and rules, ensuring that unneeded services are turned off and that access is tightly managed.
"Companies of all sizes should regard what has happened this week as a galvanizing call to be increasingly vigilant about the status of their network infrastructure, and the corporate-critical information residing on it," said L. Dain Gary, RedSiren's Vice President, Security. "This should not be regarded as a reactionary move; rather, it is a series of steps we recommend taking as an ongoing preventative measure."
The FBI's advisory was issued through its InfraGard cyber security initiative, an essential part of the National Infrastructure Protection Center's (NIPC's) nationwide outreach efforts. The program establishes a mechanism for two-way information sharing about intrusion incidents and system vulnerabilities and provides a channel for the NIPC to disseminate analytical threat products to the private sector. There are 56 InfraGard chapters around the United States; Gary is an InfraGard executive board member.
About RedSiren Technologies
RedSiren Technologies provides enterprises with a higher level of security by protecting their computer networks and the corporate-critical information stored on them from unauthorized access. RedSiren, based in Pittsburgh, maintains strategic relationships with a wide range of hardware, software and service vendors, as well as the CERT Coordination Center (CERT/CC), a federally funded research and development center operated by Carnegie Mellon University, and the FBI's InfraGard initiative. More information about RedSiren can be obtained from the company's website (http://www.redsiren.com), or by calling 412.281.4427.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.