Alan Paller (September 17, 1945 - November 9, 2021) was a cyber security expert, the founder of the SANS Institute, and the founder and former president of SANS Technology Institute. (wikipedia)
If an early infectee had an e-mail list with reporters at all the major news services, that would start the cascade. News organizations do not have radical e-mail attachment limits (like a rule banning all picture attachments) because they get legitimate pictures.
In the past 12 to 15 months, attackers have made a massive shift to attack applications. Automated patching started making it harder to find new vulnerable systems, so they went after applications that users are just not patching.
The mature model at CDC could offer some wonderful guidelines for long-term planning at NIPC,
It gives anyone on the Internet who comes in as a browsing user the ability to take control of your site. Instead of looking at Web pages, they can make your computer do whatever they want.
It wasn't just a bunch of paid consultants.
There is a wave of people looking for infected machines. We are getting into the second wave of infections. We haven't figured what they are doing. But we are seeing a very big wave of scanning.
We have made enormous progress over the past five years by forcing the vendors to deliver automated patching. Now the bad guys are saying: 'You did that, now we're going after the applications.' Now we have to start all over again.
Systems integrators pick and choose the parts of the FAR they pay attention to,
It is a situation where MCSEs had no idea that there is a fundamental vulnerability in IIS and ISAPI mapping and so had no way to protect their systems other than after-the-fact patching,
This illustrates that even technologically savvy people have a hard time fighting off denial of service attacks.