|Subject:||Warning on Web Site Security|
|Date of Memorandum:||03/01/2000|
|Expiration Date:|| |
|Signed By:||Smith, Roland|
|FCA Contact Person:||Holland, Tom|
|List of Attachments:||none|
March 1, 2000
To: The Chief Executive Officer
All Farm Credit System Institutions
From: Roland E. Smith, Director /s/
Office of Examination
Subject: Warning on Web Site Security
Recent security breaches at such popular Internet sites as E*TRADE, Yahoo, and eBay were widely reported in the media. These attacks interrupted customer access by overloading the sites with more information than the computers could handle. The overload of information causes the Web sites to halt normal E-Commerce activities. The attacks demonstrate that "hackers" are not always motivated by financial gain or to obtain access to private information. Instead, such attacks can be directed solely to destroy an entity’s internal systems and hinder its capacity to carry on normal business operations. Still other "hackers" are motivated by the perceived challenge to intrude a Web site’s internal system.
Farm Credit System (FCS) institutions should use the recent attacks to gain insight into Internet vulnerabilities. We recommend that FCS institutions immediately review and update their ability to respond to such attacks and other security threats. Further, we recommend that you periodically test network security, update risk assessment techniques, and review other internal controls relevant to Web site security. Future examinations will include a review of security measures taken by FCS institutions to prevent breaches of Web sites.
If your Web site is attacked, you should immediately report the event to law enforcement authorities and notify Tom Glenn at (703) 883-4412. Also, feel free to correspond with him on the Internet at e-mail address email@example.com if you have any questions about this memorandum.