Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Pandemic Preparation - Swine Flu - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Pandemic Preparation - Swine Flu

The current WHO phase of pandemic alert is 3/6 (1200 EDT 27/04/2009)

Lots of news about the Swine Flu outbreak in Mexico. Right now, cases are reported in the US, Canada, New Zealand, Hong Kong and Spain. We have covered pendemic preparedness before, so let me just list a few pointers and a couple highlights:

- don't count on locking up your NOC staff in the NOC. They want to be home with family. Be ready to operate in "lights out" mode remotely with minimal or no staff.

- everybody will try to do the same thing. Cell phone data connectivity and broadband internet connections may be overloaded at times. Panic breeds inefficiency.

- don't panic. Try to find news reports and don't fall for the hype some news media will spread to attract viewers. Stick to reputable sources (www.cdc.gov and such comes to mind).

So far, about 80 people died from it. The best number I could find for people infected stated that "more then 1000 had symptoms". Most of the infections in the US happened to children in high school and all of them appear to be fine so far.

Stephen Northcut maintains a nice page with links to news reports and such: http://www.sans.edu/resources/leadershiplab/pandemic_watch2009.php

 Quick update with some reader input:

- travel to / from Mexico is still unrestricted, but discouraged. Many airlines will waive rebooking fees.
- Texas announced that it may put retrictions for travel out of Texas in place if more cases are found in Texas.

Travel restrictions are probably the most likely impact in the short term. Make sure to double check any travel plans.

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute     follow johullrich on twitter

I will be teaching next: Intrusion Detection In-Depth - SANS Boston Summer 2019

Johannes

3578 Posts
ISC Handler
How long before spam and malicious Swine Flu/Tamiflu websites pop up. Better keep an eye out for domains being registered with these words.
Michael

32 Posts
I already received several spam for \"immune system booster\".
Michael
16 Posts
I wrote on this subject a bit over a year ago, looking at the impact on business operations and trying to take lessons from Katrina and other recent "disaster" scenarios. My article can be found at InformIT: http://www.informit.com/articles/article.aspx?p=1149125

A pandemic outbreak will hit us in several ways:

1) People at home with the flu
2) People at home caring for someone who is sick
3) People at home to avoid getting sick
4) People leaving the area where infection is spreading

Will your "work from home" infrastructure scale? Citrix based solutions don't scale well, but will OWA be enough to support your staff? You probably have secondary staff trained; what about tertiary? How small a staff can you operate with? How well can they maintain operations remotely? Have issues VPN tokens to all staff yet? If not, how long will it take to get them deployed? Is everyone trained to use your remote access solution, whatever type it is? How will you communicate if normal communications are overloaded? Do you have cell phone, home phone, email addresses, residential addresses, etc?

Just food for thought. Don't panic... prepare!
Michael
12 Posts

Sign Up for Free or Log In to start participating in the conversation!