This newsletter is intended for people and companies interested in disaster recovery and is only sent to people who subscribe. Back issues are archived on our Web site (http://www.binomial.com). Sometimes, the emailed newsletter is truncated by your server because of its length. This current issue is now available at http://www.binomial.com.
Each month, we search through over thousands of articles to find information on disaster recovery planning, business continuity planning, and more.
ANYONE CAN CONTRIBUTE, JUST SEND SNIPPETS TO: letter@binomial.com
In this Issue:
All someone said was "Hi, Jack!" but at a suburban Detroit airport, that was enough to create a crisis.
A microphone happened to be open when someone greeted the pilot of a corporate jet, and the tower heard "hijack".
Airport officials called the police, The police called the county SWAT team, the FBI and other federal authorities.
The plane was told to return to the tower and the pilot's identification was checked.
They'll probably pass a rule that no one named Jack can ever be hired in aviation again.
WASHINGTON (AP) -- You can now buy online fake passports, Social Security cards, birth certificates, driver's licenses, college diplomas, press credentials and even IDs for police officers and FBI agents. They're fraudulent but authentic-looking enough to enable users to steal people's identities, get loans or convince enemies they're being arrested. Some people are buying them online and some are making them yourself. A young convicted felon told a Senate panel how he created phony documents using a computer at a public library and public government records online. He used the bogus documents to get $59,000 in car loans.
The new and growing Internet phenomenon accounts for about 30 percent of all fake ID documents in this country, according to some law enforcement officials.
There are three levels of fake ID procurement:
The fake IDs often contain holograms, bar codes, magnetic stripes and other security features added to genuine documents to prevent counterfeiting.
The SEC does not require Social Security numbers in corporate filings, but some official SEC forms have, in the past, included boxes for the numbers that can be provided voluntarily. Officials of several corporations have provided their numbers, but it is not clear why.
In a criminal case that allegedly involves false ID, authorities believe a N.J. man flashed an emergency medical technician badge and computer-generated FBI credentials to gain access to the motel room of a British computer consultant. The consultant was later killed.
Smart cards overcome weaknesses that allow passwords to be hacked.
U.S. firms could be losing more than $250-billion (U.S.) to information thieves, the International Computer Security Association (ICSA)in Reston, Va., reports. Most password-protection programs are easy to crack. "Even a hobbyist can crack most of these codes in a few hours." That means security based on what you know, such as a personal identification number or password, is often inadequate. But if you add a physical device, then software cracking alone won't work.
One such device is a smart card, with an embedded memory chip. It is based on the concept that a user must know something, usually a PIN, and also have something, the card in this case. Unlike biometric devices that require users to register personal information such as retina patterns, smart cards are no stranger than identification badges. And they work. Smart cards are better than biometric devices because their embedded processors contain software for encryption, passwords, tokens that allow access to various programs and predetermined privileges. The cards get around the weakness of all passwords that can be hacked. They should be the next wave in security. Although smart cards have been cracked, the effort required to get around their protections is immense. The current thinking is that it can be done in a supercomputer lab. With high-level, military-signals analysis, it can be done. But the effort is horrendously expensive.
A new example of smart-card technology allows computer use to be controlled by a network administrator. A card made by E-Z Lock PC Inc. has up to 10 kilobits of data that identify the user and passwords, and define what applications the card can access. It activates the computer when inserted into a slot on a special keyboard or other desktop reader, and also can be inserted into the PC card slot on portable computers. The card can provide multiple passwords as well, one for the operating system and another for designated applications. Full encryption of data through complex codes can be incorporated into the card. Another card that simplifies digital signatures for documents, authenticates credit card and other payment orders and generates one-time passwords is being marketed by ActivCard.
When computer vendors quote uptime to you, what it really mean ? Would you be happy with 99% uptime ? Sounds good until you realize that you couldn't do business for four days.
| Uptime Percentage | Annual Loss of Time |
|---|---|
| 97% | 11 Days |
| 99% | 4 Days |
| 99.9% | 9 hours |
| 99.99% | 53 minutes |
| 99.999% | 5.3 minutes |
| 99.9999% | 30 seconds |
Most U.S. hospitals found unprepared to handle chemical, biological attack : Should a large scale biological or chemical attack be launched against U.S. civilians -- there is no practical contingency plan to handle it, according to a report published in Journal of the American Medical Association.
Hospitals and other health care facilities are "poorly prepared" to care for victims of such an attack, the report said. Terrorism experts say the probability of such an attack on any single U.S. city is low. However, they add, it's not so much a matter of if or when it will happen, as it is a question of where the attack will take place.
Terrorist activities that would affect a large number of civilians are of greatest concern. The JAMA study's authors looked at key elements of effective hospital response including decontamination and triage, medical therapy and coordination with public health agencies and emergency response personnel.
Five years ago, the Federal Government spent $158 million to train firefighters, police and emergency medical service workers in 120 cities to deal with bioterrorism.
Experts say biological and chemical attacks shift a large part of the burden away from police and firemen to hospitals and health care workers.
Currently, only about 25 percent of 6,000 U.S. hospitals are at some state of readiness for a chemical or biological incident, according to the American Hospital Association.
There has been only one successful biological attack in the United States. In 1984, the Rajneesh cult poisoned salad bars in Oregon with salmonella, sickening some 750 people.
We have scheduled several new dr seminars
(Business & Disaster Continuity Planning) will be in
Come and learn how to be ready for all disasters.
Attendees at all of our seminars learn all about dr, receive a full, registered version of our world-renown software system, Phoenix 2000a and each develop a disaster recovery plan for their own company. All attendees can also attend any future seminar for a small fee. The schedule and seminar content can be seen at www.binomial.com. Still a few seats left.
One of the most comprehensive on-line community for Business Continuity Planners has just been launched - at http://www.ContinuityPlanner.com. This FREE, member-to-member service hosted by the Disaster Recovery Information Exchange (South-Western Ontario chapter).
This site is completely non-profit, is financially supported by corporate sponsorship and Open to all individuals interested in business continuity planning.
We at Binomial were impressed enough to become a Founding Sponsor. Other Founding Sponsors include Recall, VytalVault, Arcus Data Security, IBM,Comdisco, Turtlecase, the Disaster Recovery Journal,Survive!, and the Disaster Resource Guide.
Community members have access to a wide range of services through ContinuityPlanner.com, including:
http://www.ContinuityPlanner.com
JUST IN CASE YOU COULD STILL DISTINGUISH AN AIRPLANE FROM A BUS...
If you're irritated by the cramped seats and poor service on commercial flights, you're going to love the latest bright idea to make flying in an airliner even more like riding on the bus: ads on the overhead bins. Advent Advertising, of Kansas City, says it's in the process of recruiting airlines and advertisers for its Advent Airads product. "What we offer is a revolutionary product that adds to the stylish, elegant interior design of today's aircraft," said Advent, in a news release that described the bins as "among the most hotly coveted pieces of real estate on commercial airlines."
Just how stylish will the ads be? Advent's news release said the ads, on placards no larger than 8 inches tall and 20 inches wide, can only feature company, brand or product names and logos, and must be printed in the same color as the overhead-bin door. Advertisers would have to pay for ads on at least every fourth bin door, which means there could be no more than 10 to 12 different advertisers on one plane, but an advertiser could also choose to buy all the doors -- options similar to those available for advertisers on New York subway cars. To participate, airlines will have to allow their entire fleet to be fitted with the Advent Airads kit, which the company says can be done in a mere 30 to 45 minutes per plane.
The Darwin awards are given annually (and posthumously) to those individuals who did the most for the human gene pool by removing themselves from it.
Three young men in Oklahoma were enjoying the upcoming Fourth of July holiday and wanted to apparently test fire some fireworks. Their only real problem was that their launch pad and seating arrangements were atop a several hundred thousand gallon fuel distillation storage tank. Oddly enough, some fumes were ignited, producing a fireball seen for miles.
They were launched several hundred feet into the air and were found 250 yards from their respective seats.
I have traveled the length and breadth of this country and talked with the best people, and I can assure you that data processing is a fad that won't last out the year.
But what ... is it good for?
We are pleased to announce the release of Phoenix 2000a, the latest version of our disaster recovery planning software system. A working demo version of this system is available for free download from http://www.binomial.com and upgrading to this version is free for all current customers. Send us an email requesting your upgrade.
This version of Phoenix has integrated the procedures and databases modules. The procedures module contains much more material that earlier versions. Phoenix can now be produced in many languages. Take a look and tell us what you think. Feedback is always welcome.
You will find links to DRP sites of interest at: Links
Over 800 links are now listed here.
Interesting links may be found at: www.fema.gov/fema/whatsnew.html
Also check www.colorado.edu/hazards/sites/sites.html
Also check www.colorado.edu/hazards/dr/currentdr.html
BINOMIAL Business/Disaster Recovery Planning Seminars
| LAS VEGAS | October | 3-5 | 2000 |
| CHICAGO | October | 17-19 | 2000 |
| AUSTIN, TEXAS | October-November | 31-2 | 2000 |
| CHICAGO | December | 5-7 | 2000 |
We have moved all of the events information to Events to save space in your email.
letter@binomial.com
www.binomial.com
BINOMIAL (800) 361-8398(V) (520) 441-4170(F)