This newsletter is intended for people and companies interested in disaster recovery and is only sent to people who subscribe. Back issues are archived on our Web site (http://www.binomial.com). Sometimes, the emailed newsletter is truncated by your server because of its length. This current issue is now available at http://www.binomial.com.

Each month, we search through over thousands of articles to find information on disaster recovery planning, business continuity planning, and more.

ANYONE CAN CONTRIBUTE, JUST SEND SNIPPETS TO: letter@binomial.com

In this Issue:

• 2001: YEAR OF THE KILLER HACK ATTACKS ?
  
• GRIDLOCK ON THE INTERNET
  
• FEMA ANNOUNCES DISASTER RESISTANT UNIVERSITIES
  
• SOME INTERESTING NEW SITES
  
• NEXT BCP SEMINARS WILL BE IN MINNEAPOLIS, . . .
  
• SURVEY RESULTS
  
• SIMPLE STEPS TO PROTECT YOUR COMPANY
  
• A GROWING TREND
  
• PHOENIX 2000b
  
• LINKS TO DRP SITES OF INTEREST
  
• DON'T LET THIS GUY NEAR THE RECOVERY PLAN
  
• KRIS KRINGLE
  
• EVENTS
  

Last week, in San Diego, my niece was driving to the airport in the evening when another care pulled alongside and a passenger in that car fired six shots into my niece's car. She was unhurt and luckily alone in the car. The two kids' seats in the back were pretty shot up. It made me think about how fast fortunes can change. If she was one of your employees and the results had been less fortunate, your plan better provide for the loss of an employee/team member.

Tonight, I received a call from a company, also in San Diego, that had just been hit with some computer nastiness, which they think is a virus. None of the software they have will fix it. I suggested they call the Disaster Recovery Journal ( www.drj.com ) and the Disaster Resource Guide ( www.disaster-resource.com/ ) looking for references to companies that can help. Once again, this is an incident that happens so quickly and brings you to your knees. Be prepared.

2001: YEAR OF THE KILLER HACK ATTACKS ?

The year 2000 is ending as it began, with a DDoS attack threatening a large part of the Internet. And more of the same is expected in 2001. A DDoS attack is a distributed denial of service. The latest reported DDoS occurred last week in Denmark where hackers gained control of more than 50 zombine servers and were preparing an assault on the country's systems. A 17-year-old was arrested. Also last week:

• Creditcards.com was hacked and 55,000 card numbers were held hostage for $100K. The hacker eventually posted the card numbers on the Web.
• Thousands of medical records for heart patients were accessed at the University of Washington Medical Center. Officials first denied, then confirmed the attack. Social Security numbers were included.
• Warnings were given by @stake Inc. are the security flaws in AOL Instant Messenger.

A DoS can work like this:

1. Using techniques and software available to a teenager, the attacker detects and takes control of three or four vulnerable computers on the Web, such as email or other servers.
2. The owners of these computers are likely unaware that the attacker has placed special programs in their computers. These programs then command hundreds of other vulnerable computers.
3. At the attacker's signal, the three or four host computers command the other machines to send a barrage of message to a target Website's servers.
4. The Website servers keep trying to respond to the thousands of incoming messages, eventually shutting down or severing restricting service to legitimate users. Because the messages have fraudulent return messages, site administrators have difficult knowing how to respond.

During 2000, this method caused interruptions for such notables as Yahoo, HMV Canada (music retailer), Amazon.com, CNN.com, Buy.com, eBay online, E*Trade, ZDNet. The programs used can disguise the source of the attack and don't leave a trail.

There are still penalties. In the U.S., a first offence is punishable by up to FIVE YEARS in prison and a fine of $250,000.

Current viruses to watch for include: Navidad, Bymer worm, Trinity Version 3, Kakworm, and Forgotten.A .

References:eWeek, Maclean's Business

GRIDLOCK ON THE INTERNET

Damage to one of the world's busiest Internet cables created chaos for millions of people in Australia, Asia and Europe. The SEA-ME-WE 3 cable which links the three continents was damaged on the sea floor about 100 kilometres from Singapore.

Telstra Australia's biggest Internet service provider with more than 650,000 customers relies on the cable for 60 per cent of its traffic. Hundreds of other Australian ISPs also use it. The gridlock was the biggest Internet problem Australia had seen.

At the height of the problem, Telstra's Internet was working at just over 30 per cent capacity meaning that about two-thirds of its users had slow access, or could not be connected.

The 39,000-kilometre SEA-ME-WE 3, which only began operating last year, is the world's longest telecommunications system. It has 40 landing points in 34 countries on four continents, stretching from western Europe (including Germany, Britain and France) to the Far East (including China, Japan and Singapore), to Australia. Its bundle of superfine optical fibres can transfer 20 gigabits of information a second the equivalent of about 5,000 medium-length novels, 500,000 simultaneous telephone chats or a million pages of email. About 100 telecommunications companies around the world including Telstra are partners in the $1.7 billion project.

FEMA ANNOUNCES DISASTER RESISTANT UNIVERSITIES

To help colleges and universities limit future property and economic damage due to natural disasters, the Federal Emergency Management Agency (FEMA) has launched a Disaster Resistant Universities initiative. The program provides about $100,000, to be matched equally by the receiving institution, to enable universities to assess their vulnerabilities to natural hazards and to implement strategies to limit damage before disasters occur. Five campuses have been selected as initial participants: Tulane University, the University of Alaska-Fairbanks, the University of Miami, the University of North Carolina-Wilmington, and the University of Washington-Seattle.

The Disaster Resistant Universities initiative will encourage these new participants to identify risks and undertake preventive actions at the local level, establish public-private partnerships, and encourage long-term efforts and investments in risk reduction. For more information, contact FEMA, Mitigation Directorate, Project Impact, 500 C Street, S.W., Washington, DC. 20472; and/or see: http://www.fema.gov/nwz00/nwz00_56.htm

SOME INTERESTING NEW SITES

http://www.animaldisasters.com a resource for professional emergency managers and animal care providers who have an interest in improving the care of animals and their owners in disasters.

http://disaster.ifas.ufl.edu The Disaster Handbook

http://www.udel.edu/DRC pubs of the Disaster Research Center (DRC) at the University of Delaware

http://www.disasterlinks.net links to disaster Web sites

http://www.eclacpos.org/sustdev/CARLINKS/dislink.htm Caribbean links

http://www.crh.noaa.gov/pub/ltg/crh_colo_ltg_res_center.html Colorado Lightning Resource Center Web

NEXT BCP SEMINAR WILL BE IN MINNEAPOLIS, THEN TEXAS, THEN WASHINGTON, FOLLOWED BY CHICAGO, ORLANDO, LAS VEGAS, PASADENA . . .

We have scheduled several new dr seminars

(Business & Disaster Continuity Planning) will be in

1. Minneapolis (January 29-31) Stay for the RIMS Conference Feb 1 same place.
2. Washington (May 14-16) .

Come and learn how to be ready for all disasters.

Attendees at all of our seminars learn all about dr, receive a full, registered version of our world-renown software system, Phoenix 2000b and each develop a disaster recovery plan for their own company. All attendees can also attend any future seminar for a small fee. The schedule and seminar content can be seen at www.binomial.com. Still a few seats left.

SURVEY RESULTS

The results of a year-long, survey in the U.K.

• - 88% of e-commerce isn't covered by DR or BC plans
• - 42% of managers don't believe their plans would be effective
• - 92% of companies fail to update their testing or planning following upgrades or new systems installation
• - 69% of firms don't feel their have adequate BC provisions
• - 40% of firms have concerns over the capabilities of their DR providers
• - 53% of firms recover less than 25% of their total losses through insurance
• - 62% of firms don't test their plans for over 12 months
• - an effective DR plan can reduce losses by 90%
• - 77% of companies said insurance only covered part of their losses
• - in 84% of loss cases, it took over 3 months to get insurance payouts; in 33% it took over 6 months
• - 71% of recovery managers believe lack of understanding is a major inhibitor to effective recovery planning.

SIMPLE STEPS TO PROTECT YOUR COMPANY

• Put in place a regular, reliable backup regime and ensure that trained personnel strictly implement it. This should include a verification process to make sure the backups work and are recording the right files.
• Duplicate the backups with a second set of tapes.
• Monitor the backup to ensure it has taken place and watch for anything unusual.
• Keep at least one set of backups offsite
• Backup before installing any new software
• Leave your systems on in controlled environmental conditions. HW and SW failures happen most often at start-up and shut-down.
• Keep up with the technology

A GROWING TREND

We have been noticing that it is getting harder to train recovery team members. Pressures of production work often prevent adequate time for training. We recommend that you review (and rewrite where necessary) your plans to allow for intelligent but untrained team members when the disaster occurs. Be realistic. If your people won't train, then you have to modify your plan to allow for this.

PHOENIX 2000b

We are pleased to announce the release of Phoenix 2000b, the latest version of our disaster recovery planning software system. A working demo version of this system is available for free download from http://www.binomial.com and upgrading to this version is free for all current customers. Send us an email requesting your upgrade.

This version of Phoenix has integrated the procedures and databases modules. The procedures module contains much more material that earlier versions. Phoenix can now be produced in many languages. Take a look and tell us what you think. Feedback is always welcome.

LINKS TO DRP SITES OF INTEREST

You will find links to DRP sites of interest at: Links

Over 800 links are now listed here.

Interesting links may be found at: www.fema.gov/fema/whatsnew.html

Also check www.colorado.edu/hazards/sites/sites.html

Also check www.colorado.edu/hazards/dr/currentdr.html

DON'T LET THIS GUY NEAR THE RECOVERY PLAN

The IT manager at a testing lab loses his night-shift data processing analyst, but boss puts the kibosh on hiring a replacement.

So, for the next 18 months, fish reports for work himself at 4 a.m., "so reports can be on all the engineers' desks at 8 a.m."

Come annual review time, the manager's review stinks. What's the problem? he asks his boss. Boss hems and haws, then finally says, "You've been seen leaving for lunch and not returning. A lot."

"Do you have any idea what time I get to work?" the manager asks.

Boss admits he doesn't, so the manager has him call in the gate guard, who shows the boss the security log. There's the manager, in at 4 a.m. every morning.

Boss is indignant. "How long has this been going on? Why wasn't I told?"

KRIS KRINGLE

A flight certificate was issued this week to Kris Kringle, dba Santa Claus, for an eight-reindeer sleigh and praised Santa's remarkable 100-percent on-time record. A safety inspection of the sleigh revealed no maintenance problems, and a computer search failed to uncover any Airworthiness Directives that might affect the aircraft's return to service. And, as ever, the folks at NORAD (North American Aerospace Defense Command) will be tracking Santa's progress live on the Internet starting on Christmas Eve.

Check out for Santa's progress and a favorite holiday graphic at http://www.noradsanta.org/ .

EVENTS

BINOMIAL Business/Disaster Recovery Planning Seminars

www.binomial.com

SEMINAR DATES & LOCATIONS

FUTURE	SEMINARS	IN	2001
MINNEAPOLIS	January	29-31	2001
TEXAS	April		2001
WASHINGTON	May	14-16	2001
CHICAGO	June		2001
ORLANDO	September		2001
LAS VEGAS	October		2001
PASADENA	November		2001

We have moved all of the events information to Events to save space in your email.

letter@binomial.com
www.binomial.com
BINOMIAL (800) 361-8398(V) (520) 441-4170(F)