Previous Document IconPrevious Info Memo

Next Document IconNext Info MemoExam Manual Table of Contents IconList of Info Memos

Informational Memorandum
Subject:Warning on Web Site Security
Date of Memorandum:03/01/2000
Expiration Date:
Office:OE
Signed By:Smith, Roland
FCA Contact Person:Holland, Tom
Contact Phone:703-883-4484
List of Attachments:none

INFORMATIONAL MEMORANDUM



March 1, 2000


To: The Chief Executive Officer
All Farm Credit System Institutions

From: Roland E. Smith, Director /s/
Office of Examination

Subject: Warning on Web Site Security


Recent security breaches at such popular Internet sites as E*TRADE, Yahoo, and eBay were widely reported in the media. These attacks interrupted customer access by overloading the sites with more information than the computers could handle. The overload of information causes the Web sites to halt normal E-Commerce activities. The attacks demonstrate that "hackers" are not always motivated by financial gain or to obtain access to private information. Instead, such attacks can be directed solely to destroy an entity’s internal systems and hinder its capacity to carry on normal business operations. Still other "hackers" are motivated by the perceived challenge to intrude a Web site’s internal system.

Farm Credit System (FCS) institutions should use the recent attacks to gain insight into Internet vulnerabilities. We recommend that FCS institutions immediately review and update their ability to respond to such attacks and other security threats. Further, we recommend that you periodically test network security, update risk assessment techniques, and review other internal controls relevant to Web site security. Future examinations will include a review of security measures taken by FCS institutions to prevent breaches of Web sites.

If your Web site is attacked, you should immediately report the event to law enforcement authorities and notify Tom Glenn at (703) 883-4412. Also, feel free to correspond with him on the Internet at e-mail address glennt@fca.gov if you have any questions about this memorandum.