VA-CIRC Team Proactively Protects the Department of Veterans Affairs Against Damage From Rampant MyDoom Virus.Business Editors/High-Tech Writers SAN ANTONIO--(BUSINESS WIRE)--Feb. 10, 2004 SecureInfo Thought Leaders Use Expert People, Processes and Technology to Innovate the Premier Industry Model for Managing Network Security in a Large Enterprise SecureInfo Corporation, a recognized leader in providing enterprise cyber security solutions, today announced that its VA-CIRC (Veterans Affairs Veterans Affairs is a term of the business that deals with the relation between a government and its veteran communities, usually administered by the designated government agency. Central Incident Response Capability) team, under the guidance and direction of the OCIS OCIS Oxford Centre for Islamic Studies (UK) OCIS Optics Classification and Indexing Scheme OCIS Organized Crime Information System OCIS On-Line Customer Information System (Office of Cyber and Information Security), successfully prevented the MyDoom virus from disrupting VA business processes. The VA-CIRC team, assisted by the VA-NSOC (Network and Security Operations Center A Security Operations Center is a centralised unit in an organisation that deals with security issues. The Transportation Security Administration (TSA; an agency within the US Department of Homeland Security) has implemented Security Operations Centers (referred to as SOC) ) team, monitors and manages network incidents across the VA enterprise to ensure protection of the confidentiality, integrity and availability of the private information of American veterans and their dependents. The recent MyDoom virus, a mass-mailing virus now known as W32/Novarg.A, W32/Shimg, or W32/Mydoom, has become one of the fastest spreading viruses in history, affecting millions of home users and computer networks across the globe. MyDoom arrives as an e-mail message with a 22,528-byte attachment that has a random filename with a file extension of .cmd, .pif, .scr, .exe, or .bat. This malicious code has been reported to open a connection on port 3127/tcp or port 3176/tcp. Additionally, the MyDoom virus spread through peer-to-peer file sharing Copying files from one computer to another. See peer-to-peer network, file sharing protocol and file and printer sharing. networks by copying itself into the default folder used by KaZaA to share files. "Under the leadership of the Secretary of Veterans Affairs Noun 1. Secretary of Veterans Affairs - the person who holds the secretaryship of the Department of Veterans Affairs; "Bush appointed Edward J. Derwinski as the first Secretary of Veterans Affairs" and the direction of the Chief Information Officer, the VA's Office of Cyber and Information Security maintains a government leading monitoring and incident response capability for the protection of private electronic information for the veterans," said Bruce Brody, Associate Deputy Assistant Secretary, Office of Cyber and Information Security (OCIS) for the Department of Veterans Affairs. "We have established a world-class computer security team that is focused on making sure the VA is prepared to face the growing trend of malicious computer related events, such as MyDoom, and other such cyber-terrorism that threatens our critical infrastructure." The fundamental functionality of the VA's NSOC NSOC National Security Operations Center NSOC Network Security Operations Center (IBM) NSOC Navy Satellite Operation Center/Control NSOC National SIGINT Operations/Reporting Center lies in its ability to detect, alert, monitor, track and prevent security incidents that could result in the disruption of critical business missions and the loss of significant taxpayer dollars. VA-CIRC then provides rapid response capabilities across the enterprise to contain exploitative activity before it impacts VA operations by tracking and analyzing real-time data Real-time data denotes information that is delivered immediately after collection. There is no delay in the timeliness of the information provided. Some uses of this term confuse it with the term dynamic data. to ascertain the nature and severity of each incident. The VA-CIRC continues to set the standard in managed security operations and incident response in the Federal Civilian Government by monitoring over one thousand devices around the clock, across the VA enterprise. These devices result in over 9.5 billion monitored transactions per day. This results into an average of 160,000 suspicious security events (such as MyDoom) per day in which the VA-CIRC security experts report, analyze and respond in an effort to protect critical VA informational assets. "Our ability to have total situational awareness Situation awareness or situational awareness [1] (SA) is the mental representation and understanding of objects, events, people, system states, interactions, environmental conditions, and other situation-specific factors affecting human performance in of not only the entire VA enterprise infrastructure, but also understanding and analyzing actionable intelligence Having the necessary information immediately available in order to deal with the situation at hand. With regard to call centers, it refers to agents having customer history and related product data available on screen before the call is taken. in real-time, helped our team to quickly avert MyDoom without any operational downtime," said Rob Dao, Senior Director of Security Services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the for SecureInfo and the VA-CIRC Program Manager. "Knowing the security posture of our enterprise 24x7 allows us to view and analyze critical events days before they impact the network. In most cases I would compare it to slowing down time, seeing the threat materialize and then neutralizing the threat before it hits, whereas most organizations see these suspicious events days later and are then forced to use reactive measures," he added. To accomplish these proactive prevention measures, OCIS established a diagnostic, layered and centralized approach to the protection of critical information. This process, which began in March of 2001, starts by truly understanding the security problems at hand and developing a framework for solving these problems. This framework involves designing security into the enterprise architecture and implementing a defense-in-depth strategy. Priorities are then established, such as defending the boundaries of the enterprise from external attack and internal data centers from all attacks, or centralizing cyber-security technical and operational controls wherever feasible. Organizations and resources are then aligned to the solution, and standardization, consolidation and centralization become the focus for managing information security throughout the VA. About The Department of Veterans Affairs The Department of Veterans Affairs (VA) was established in 1989. It succeeded the Veterans Administration and has responsibility for providing federal benefits to veterans and their dependents. Headed by the Secretary of Veterans Affairs, VA is the second largest of the 14 Cabinet Departments and operates nationwide programs of health care, financial assistance and national cemeteries. Additional information about the VA is available at http://www.va.gov./. About SecureInfo Corporation SecureInfo Corporation is a leading provider of enterprise security management solutions to Government and commercial organizations. Leveraging its vast knowledgebase of information security, SecureInfo's solutions offer a holistic approach holistic approach A term used in alternative health for a philosophical approach to health care, in which the entire Pt is evaluated and treated. See Alternative medicine, Holistic medicine. to help customers manage risk to their enterprise, including complying with security regulations, managing and mitigating security vulnerabilities, monitoring and managing network security operations, incident response and analysis, as well as professional training and consulting offerings. The Company's customers and partners include the Veterans Administration, Department of Homeland Security Noun 1. Department of Homeland Security - the federal department that administers all matters relating to homeland security Homeland Security executive department - a federal department in the executive branch of the government of the United States , United States Air Force United States Air Force (USAF) Major component of the U.S. military organization, with primary responsibility for air warfare, air defense, and military space research. It also provides air services in coordination with the other military branches. U.S. , General Dynamics General Dynamics Corporation (NYSE: GD) is a defense conglomerate formed by mergers and divestitures, and as of 2006 it is the sixth largest defense contractor in the world[1]. The company has changed markedly in the post-Cold War era of defense consolidation. and Northrop Grumman Northrop Grumman Corporation (NYSE: NOC) is an aerospace and defense conglomerate that is the result of the 1994 purchase of Grumman by Northrop. The company is the third largest defense contractor for the U.S. . SecureInfo's success has received national recognition, including being listed on the Inc. 500 and named San Antonio's second fastest growing company. Additional information is available at www.secureinfo.com. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion