Surviving information warfare attacks

The past few years have seen governmental, military, and commercial organiz ations widely adopt Web-based commercial technologies because of their conv enience, ease of use, and ability to take advantage of rapid advances in th e commercial market. With this increasing reliance on internetworked comput er resources comes an increasing vulnerability to information warfare. In t oday's heavily networked environment, safety demands protection from both o bvious and subtle intrusions that can delete or corrupt vital data. Traditi onally, information systems security focuses primarily on prevention: putti ng controls and mechanisms in place that protect confidentiality, integrity , and availability by stepping users from doing bad things. Moreover, most mechanisms are powerless against misbehavior by legitimate users who perfor m functions for which they are authorized: the so-called "insider threat." Many network-based attacks, such as password sniffing and session hijacking , allow an attacker to masquerade as a legitimate user. Although, ultimately, preventing malicious attacks from succeeding is key, not all attacks can be averted at the outset. The goal therefore should be to develop an adaptable system that maintains maximum availability even whe n under attack: At any time, healthy components of the system remain availa ble while damaged components have either limited or no availability.