|
 |
|
|
©workingarts.com |
Real World Horror Stories A few days ago, the Madera Chamber of Commerce asked me to write an article about real-world information security horror stories. More specifically, to address the reality of virus attacks and how most computer users usually don’t react or “pro-act” until they’ve been infected with the debilitating code. It is indeed human nature to assume that such problems only hit “other people” and that implementing precautions against something as “unseen” as computer viruses or other internet-borne attacks may be perceived as too complicated or, even worse, as not be needed or for your home personal computer. By the way, there is a word for this, it’s called denial. First, the staggering statistics: over 200 new viruses every week, probably over 120,000 security warnings -- not just viruses, but other attacks: Denial of Service, Intrusions, software security holes, rogue applet or ActiveX control attacks, etc. -- will be issued this calendar year. That is more than twice as many as last year’s. What about the clean up cost? Nowadays, clean up is measured in billions of dollars annually, both in technical support time spent removing viruses, and in millions of hours of lost productivity. When a network gets hit, most the organization’s information systems get disrupted: computers, cell phones, Personal Data Assistants (PDAs) and pagers can be flooded with messages forwarded by a worm. Even if the devices themselves are immune to the virus’ payload, as long as they have an IP or email address, they can be flooded with worm-bearing messages because the addresses exist in someone else’s computer address book: your friends, your colleagues or your family. Let’s imagine a small network of 4 to 10 computers at the office. When one computer gets infected with a virus, there is a good chance the others will get infected within days, hours or even minutes, via file forwarding or file sharing. Once the machines are infected, work stops, you call in your security guru, who takes your computers away and attempts to remove the virus. Sometimes the damage can get so bad that the only way to remove the code is by wiping the hard disk clean and reinstalling all the data via back up files (if they are available, which is rarely the case) and reinstalling all the software, some of which is usually not be readily available. This can take hours and cost a lot of money. All those costs can be avoided for less than $40/computer by installing antivirus and internet security software on all the PCs. Installing anti-virus software, internet traffic filtering gateways (firewalls), intrusion detection devices and security patches can substantially reduce the risk of being hit, but cannot guarantee complete immunity. In fact, as more users turn on their America Online Internet Messenger (AIM) or any other instant messenger software, to chat in real time with their friends and colleagues; they also open their PC and network to infections, because instant messengers allow users to swap files. Even though Instant Messenger software can leverage already installed anti-virus software, it does not itself scan files for viruses hence can potentially deliver a double punch: lost productivity and another means to let in viruses -- not to mention that instant messengers do not provide any means to keep the communications confidential. Speaking of AOL, the company also claims that the AOL internet access can provide safe computing for children via the use of AOL’s “advanced” parental controls. Unfortunately, that is not the case as it is extremely easy to circumvent the so-called security features of AOL’s environment with a single mouse click (even in the newly released version 8.0, available in a mailbox near you…). Practical advice - If you do not have antivirus software on your machine, do the following: point your browser to http://housecall.trendmicro.com/ or http://www.pandasoftware.com/activescan/ for a free online scan. You can also download FREE antivirus software from http://www.free-av.com/ , http://www.grisoft.com/html/us_downl.htm, or http://www.vcatch.com/download.html however, those FREE programs are usually tested against generic virus lists and may not contain the bells and whistles that commercial software does… but they are free and some protection is better than none! Questions? Comments? Email the author: fredo@workingarts.com Sales tools|Marketing tools|Public relations|Partner development | Home
Contact
information | |
