secuirty 4 terrorism

more than peace and security

computer security

information security issues are complex and are often rooted in organizational and business concerns. information security requires far more than the latest tool or technology. organizations must understand exactly what they are trying to protect (and why) before selecting specific solutions.

the vast majority of worms and other successful cyber-attacks are made possible by vulnerabilities in a small number of common services. attackers usually take the easiest and most convenient route and exploit the best-known flaws with the most effective and widely available attack tools.

computer security is a branch of computer technology known as information security as applied to computers and networks. the objective of computer security includes protection of information and property from theft, corruption, or natural disaster, while allowing the information and property to remain accessible and productive to its intended users. the term computer system security means the collective processes and mechanisms by which sensitive and valuable information and services are protected from publication, tampering or collapse by unauthorized activities or untrustworthy individuals and unplanned events respectively. the strategies and methodologies of computer security often differ from most other computer technologies because of its somewhat elusive objective of preventing unwanted computer behavior instead of enabling wanted computer behavior.

cyberwarfare

cyber warfare refers to politically motivated hacking to conduct sabotage and espionage. it is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.

cyberwarfare has been defined as actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption. the economist describes cyberwarfare as the fifth domain of warfare, and william j. lynn, u.s. deputy secretary of defense, states that as a doctrinal matter, the pentagon has formally recognized cyberspace as a new domain in warfare which has become just as critical to military operations as land, sea, air, and space.

in 2009, president barack obama declared america's digital infrastructure to be a strategic national asset, and in may 2010 the pentagon set up its new u.s. cyber command (uscybercom), headed by general keith b. alexander, director of the national security agency (nsa), to defend american military networks and attack other countries' systems. the united kingdom has also set up a cyber-security and operations centre based in government communications headquarters (gchq), the british equivalent of the nsa. in the u.s. however, cyber command is only set up to protect the military, whereas the government and corporate infrastructures are primarily the responsibility respectively of the department of homeland security and private companies. cyber warfare is the least common type of warfare and has not been used effectively to date.
denmark cyber dhekelia now djibouti security cyber dominica top dominican republic cyber east timor cyber security ecuador international passages malibu scam computer security egypt cyber security el salvador cyber equatorial guinea international eritrea cyber security estonia international ethiopia cyber europa island good falkland islands cyber security passages malibu scam controls faroe islands better fiji cyber security finland security france best french guiana security cyber french polynesia long french southern and antarctic lands international gabon top gambia, the security gaza strip security georgia security germany security cyber ghana security cyber gibraltar security cyber glorioso islands good greece cyber greenland better grenada cyber security guadeloupe best guam security cyber guatemala cyber guernsey when guinea terrorism guinea-bissau cyber

security resources

17799:2000 information technology
www.iso.org

computer virus resources
www.cert.org

cybersecurity for the homeland
hsc.house.gov

dod information security program
www.fas.org/irp/doddir/

gao cybersecurity
www.gao.gov/new.items/

homeland security
www.dhs.gov

homeland security cybersecuirty
www.dhs.gov/cybersecurity/

information systems security nsa
www.nsa.gov

microsoft security and privacy
www.microsoft.com/security

microsoft windows update
v4.windowsupdate.microsoft.com/

nasa software safety
www.hq.nasa.gov/office/codeq/

naval systems on-line documents
sepo.spawar.navy.mil/sepo/

praxiom research iso in english
www.praxiom.com/

sans top 20 vulnerabilities
www.sans.org

security links
www.criticalsecurity.com

subcommittee on cybersecurity
hsc.house.gov

symantec internet security
www.symantec.com

top 20 threats network perimeter
sans20.qualys.com

us computer emergency readiness team
www.us-cert.gov/

us-cert events
www.uscert.gov

verified by visa
usa.visa.com/merchants/

virus information mcafee
home.mcafee.com

in february 2010, top american lawmakers warned that the threat of a crippling attack on telecommunications and computer networks was sharply on the rise. according to the lipman report, numerous key sectors of the u.s. economy along with that of other nations are currently at risk, including cyber threats to public and private facilities, banking and finance, transportation, manufacturing, medical, education and government, all of which are now dependent on computers for daily operations. in 2009, president obama stated that cyber intruders have probed our electrical grids. the economist writes that china has plans of winning informationised wars by the mid-21st century. they note that other countries are likewise organizing for cyberwar, among them russia, israel and north korea. iran boasts of having the world's second-largest cyber-army. james gosler, a government cybersecurity specialist, worries that the u.s. has a severe shortage of computer security specialists, estimating that there are only about 1,000 qualified people in the country today, but needs a force of 20,000 to 30,000 skilled experts. at the july 2010 black hat computer security conference, michael hayden, former deputy director of national intelligence, challenged thousands of attendees to help devise ways to reshape the internet's security architecture, explaining, you guys made the cyberworld look like the north german plain.

�those who fail to learn the lessons of the past are condemned to repeat them.� -- george santayana

what value is knowledge?

we are proud to announce the first-ever sale of a major book collection through our company. this extraordinary and wide-ranging collection of books embraces the complex and timely issue of terrorism in such a way as to make the entire history of it accessible. terrorism and history collection

terrorism intelligence

the list rpresents a cross section of web sites that provide information on terrorism and intelligence. intelleigence and terrorism

secure design

design

secure by design, in software engineering, means that the software has been designed from the ground up to be secure. malicious practices are taken for granted and care is taken to minimize impact when a security vulnerability is discovered or on invalid user input. generally, designs that work well do not rely on being secret. it is not mandatory, but proper security usually means that everyone is allowed to know and understand the design because it is secure. this has the advantage that many people are looking at the code, and this improves the odds that any flaws will be found sooner. of course, attackers can also obtain the code, which makes it easier for them to find vulnerabilities as well. also, it is very important that everything works with the least amount of privileges possible . for example a web server that runs as the administrative user can have the privilege to remove files and users that do not belong to itself. thus, a flaw in that program could put the entire system at risk. on the other hand, a web server that runs inside an isolated environment and only has the privileges for required network and filesystem functions, cannot compromise the system it runs on unless the security around it is in itself also flawed. a perfect authentication system for logins does not allow anyone to log in at all, because the user could be a threat to the system. however, some designs can never be perfect. passwords, biometrics, and such are never perfect.