1 / 63

Computer Viruses: The end of the World as we know it?

Computer Viruses: The end of the World as we know it?. Viruses and the media. The media will often tell you… It’s The End Of The World As We Know It - aka. TEOTWAWKI. That the latest virus is a global disaster Because of the data it destroys. Viruses and the media. Are viruses disasters?

sondra
Download Presentation

Computer Viruses: The end of the World as we know it?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Viruses: The end of the World as we know it?

  2. Viruses and the media The media will often tell you… • It’s The End Of The World As We Know It - aka TEOTWAWKI • That the latest virus is a global disaster • Because of the data it destroys

  3. Viruses and the media Are viruses disasters? • Here are what some disasters look like...

  4. Microsoft AntiVirus

  5. Don’t panic! Data destroyers are not disasters • Because you all have backups (we hope) • But is data destruction the worst problem viruses cause?

  6. But... • Data diddlers • Binary blabbers • Phantom posters • Oops! I did it again... Your credibility can be affected by any of the following

  7. Credibility crushers Data diddlers

  8. Data diddlers Viruses which subtly corrupt data • Viruses can switch around or alter data • May take months before the data corruption is even noticed

  9. Data diddlers Imagine if your financial results were diddled with... • Maybe you’re posting financial information for the stock market • You may have to make an embarrassing retraction

  10. Data diddlers Let’s make this more personal, shall we?

  11. Romeo, I love you. I hate the thought that we will never see each other again. Ta ta for now, Juliet

  12. Romeo, I hate you. I love the thought that we will never see each other again. Ta ta for now, Juliet WAZZOOED!

  13. Data diddlers Data diddlers corrupt your data by swapping information AND… …ruin your love life

  14. Credibility crushers Binary blabbers

  15. Binary blabbers Confidentiality breached • Email-aware viruses • Forwarding a confidential document to customers and business associates • Who needs espionage when a virus is doing it for free? • Research, exam papers, results

  16. Binary blabbers • Imagine Alistair Campbell wanted to send an email to Tony Blair

  17. Binary blabbers • But the virus emailed his message to everybody in the government • Everyone turns up to King’s Head …even Mr Prescott!!

  18. Credibility crushers Phantom posters

  19. Newsgroups:alt.impeach.clinton, alt.politics.clinton, alt.fan.rushlimbaugh, alt.rush-limbaugh Message-Id: <3882669A.ACFF4B59@tabletoptelephone.com> From: "Linus F. Zimmerman” <escopeta@tabletoptelephone.com> Subject: Re: Bradley on homosexual access to military Date: 17 Jan 2000 00:47:22 GMT Attached file: HAPPY99.EXE Phantom posters Consider this example:

  20. Newsgroups: alt.politics.economics, comp.software.year- 2000, misc.invest.stocks,alt.talk.year2000 Message-Id: <386F6446.CA9B2991@home.com> From: Hyman Blumenstock <hystock@home.com> Subject: Re: Defending Y2K - The Greatest Con Job Of All Date: 02 Jan 2000 14:43:10 GMT Attached file: HAPPY99.EXE Phantom posters Would this affect your IT credibility?

  21. Credibility crushers Oops! I did it again...

  22. Oops! I did it again... Credibility • Sending out a virus publicly announces you are infected • What would your customers/colleagues think?

  23. Oops! I did it again... Credibility Ziff Davis reported in August 1999 Fuji Bank sent out a document to investment partners regarding its forthcoming merger with the Industrial Bank of Japan and Dai-Ichi Kangyo Bank When investors opened the document...

  24. So... In short... • The media are focusing on data destruction as being the problem with viruses • Yet your credibility and confidentiality is being threatened by a growing number of viruses • Having anti-virus software in place and regularly updated is a must…

  25. Internet virus vectors • SMTP • HTTP • FTP • NNTP • IRC

  26. Other virus vectors • Network shares • Removable media • PDA

  27. Four tiers of virus protection Internet ISP Tier 1 Tier 2 Tier 3 Tier 4

  28. Four tiers of virus protection Internet ISP Tier 1 Tier 2 Tier 3 Users’ computers

  29. Users’ computers • Desktops • Laptops • PDAs • Mobile ‘phones

  30. Users’ computers • Main target • Only place guaranteed to see all data • Uncontrolled • Increasing diversity • Large numbers • Difficult to manage • Identification • Installation • Updates • Configuration

  31. Four tiers of virus protection Internet ISP Tier 1 Tier 2 Local servers Users’ computers

  32. Local servers • File-servers • Application servers

  33. Local servers • Susceptible to network aware viruses • Controlled by network administrators • Lower numbers • Easier to manage • Not all data passes through servers

  34. Four tiers of virus protection Internet ISP Tier 1 Email servers Local servers Users’ computers

  35. Email servers • Main route for viruses • Controlled by network administrators • Low numbers • Easy to manage • Data may not be readable e.g. Encryption • May not have access to stored email • Not only route for viruses

  36. Four tiers of virus protection Internet ISP Managed services Email servers Local servers Users’ computers

  37. Managed service • Edge of network devices • Dedicated devices • ISPs • Dedicated managed service

  38. Managed service • Managed by supplier • No local management • Main route for viruses - Email • Data may not be readable e.g. Encryption • Not only route for viruses • No access to stored data

  39. What else can you do? • But perhaps other preventative measures would better protect your reputation from going down the loo

  40. DISCLAIMER • Preventative anti-virus measures • The following rules and procedures are not foolproof • But they will dramatically reduce the threat viruses can pose your organisation - and decrease the chances of your confidentiality and credibility being damaged

  41. Avoid using DOC files • DOC files support macros • If macros are supported, macro viruses can flourish • Why not... • Save your documents in Rich Text Format (RTF) • RTF does not support macros • Configure Word to save files as RTF by default

  42. Look out for security bulletins • Offer timely security information, patches and updates • Examples include Microsoft, (http://www.microsoft.com/technet/security), and Sophos Anti-Virus (www.sophos.com/virusinfo/notifications)

  43. Block unwanted filetypes • Do you really need to send/receive these file types: EXE, VBS, SHS, COM, SCR, JS, HTA, BAT? • If yes… • Set up a list of authorised users who cansend and receive these files. • If not, protect yourself!

  44. Limit internet access • Viruses are often downloaded from the web • Is surfing the net a necessity in your organisation? • If yes... • Ensure that web access is only available on dedicated internet PCs • Or limit access to trusted sites only. • If not… • get rid of the darn thing

More Related