[funsec] "Fortune 1000 Companies Sending Spam, Phishing" (slashdot)

Sean Donelan sean at donelan.com
Fri Mar 30 12:39:19 CDT 2007


Brian Loe <knobdy at gmail.com> said:
> On 3/30/07, Paul Vixie <paul at vix.com> wrote:
> ><SNIP>
> > From the story: '...an IT
> > engineer with American Electric Power, said the stock spam came from a
> > bot-infected computer belonging to a contractor at one of its power 
generator
> > plants.'"
> >
> 
> That hits close to home in my new position - the government is
> dragging a bit on getting its new regulations in order. Unfortunately
> too, the regulations - or the preliminary guesstimate regulations - do
> not go a long way in providing security as a whole but specifically
> target systems involved in power production, black start systems and
> other systems used in the direct management and monitoring of same.
> That leaves out the most likely to be attacked admin-type systems. I
> much prefer the DoD regulations though they may not go far enough
> either.

And why do you believe government or DOD networks have significantly 
different bot infestations?

Although the washingtonpost pointed at Fortune 1000 companies, this haven't 
changed for many years.  The bot infestations are pretty similar across all 
industries and types of networks (home v. business, government v. 
commercial, financial v. social, etc, etc, etc).




More information about the funsec mailing list