Posts Tagged “incident response”

Oak Ridge National Laboratory admitted that it had suffered a breach on October 29th, 2007. Luckily, it appears from this Information Week article that no classified information was compromised. This breach underscores the fact that breaches are inevitable and that all organizations, whether they are government, non-profit or for-profit, must have a comprehensive response and recovery plan.

So many situations, reports and news articles use vague statements such as the one in the Information Week article: “ORNL said that no classified information was lost but that the personal information of visitors may have been stolen.” “…may have been stolen”: that makes me feel comfortable and secure. When responding to an incident, it is necessary to be able to state definitively what actually happened and report a conclusive response. That’s what “incident response” is all about.

A comprehensive recovery plan that includes the ability to perform “deep dives” into all of an organization’s network data, particularly using NetFlow, lets security analysts provide that definitive answer we are all looking for.
