Some large corporate network has been targeted for attack by "the hacking community." Reports show that they have been conspiring on numerous chat rooms across the Internet. The encoded discussions have not been deciphered, but the traffic analysis points to something rather big. It could be a network-based attack. It could be a physical or an inside attack against some particular, but as yet unknown, large corporation. Your company is a large corporation. What will you do?
This ran through my mind as I was listening to the "9/11 Commission" last week, and the questions posed to Dr. Rice. I also thought about it as I read Technical Cyber Security Alert TA-04-11A, telling us TCP is broken, so we should run for the hills. (Okay, it doesn't really say that, but as reported by InfoWorld it sounds like it.)
Just like when the Department of Homeland Security raises or lowers the Threat Advisory (it is "yellow" as I type this), your best bet is to stay the course and continue to make sure you seem to be on the right course. You also need to be able to distinguish between useful and useless information. Or, in Dr. Rice's parlance, recognize what is "actionable."
For an interesting "alternative history," see the April 9. 2004 Easterblog