Viruses and the media The media will often tell you… • It’s The End Of The World As We Know It - aka TEOTWAWKI • That the latest virus is a global disaster • Because of the data it destroys
Viruses and the media Are viruses disasters? • Here are what some disasters look like...
Don’t panic! Data destroyers are not disasters • Because you all have backups (we hope) • But is data destruction the worst problem viruses cause?
But... Your credibility can be affected by any of the following • Data diddlers • Binary blabbers • Phantom posters • Oops! I did it again...
Credibility crushers Data diddlers
Data diddlers Viruses which subtly corrupt data • Viruses can switch around or alter data • May take months before the data corruption is even noticed
Data diddlers Imagine if your financial results were diddled with... • Maybe you’re posting financial information for the stock market • You may have to make an embarrassing retraction
Data diddlers Let’s make this more personal, shall we?
Romeo, I love you. I hate the thought that we will never see each other again. Ta ta for now, Juliet
Romeo, I hate you. I love the thought that we will never see each other again. Ta ta for now, Juliet WAZZOOED!
Data diddlers Data diddlers corrupt your data by swapping information AND… …ruin your love life
Credibility crushers Binary blabbers
Binary blabbers Confidentiality breached • Email-aware viruses • Forwarding a confidential document to customers and business associates • Who needs espionage when a virus is doing it for free? • Research, exam papers, results
Binary blabbers • Imagine Alistair Campbell wanted to send an email to Tony Blair
Binary blabbers • But the virus emailed his message to everybody in the government • Everyone turns up to King’s Head …even Mr Prescott!!
Credibility crushers Phantom posters
Phantom posters Consider this example: Newsgroups: alt.impeach.clinton, alt.politics.clinton, alt.fan.rushlimbaugh, alt.rush-limbaugh Message-Id: <3882669A.ACFF4B59@tabletoptelephone.com> From: "Linus F. Zimmerman" <email@example.com> Subject: Re: Bradley on homosexual access to military Date: 17 Jan 2000 00:47:22 GMT Attached file: HAPPY99.EXE
Phantom posters Would this affect your IT credibility? Newsgroups: alt.politics.economics, comp.software.year-2000, misc.invest.stocks, alt.talk.year2000 Message-Id: <386F6446.CA9B2991@home.com> From: Hyman Blumenstock <firstname.lastname@example.org> Subject: Re: Defending Y2K - The Greatest Con Job Of All Date: 02 Jan 2000 14:43:10 GMT Attached file: HAPPY99.EXE
Credibility crushers Oops! I did it again...
Oops! I did it again... Credibility • Sending out a virus publicly announces you are infected • What would your customers/colleagues think?
Oops! I did it again... Credibility • Ziff Davis reported in August 1999 • Fuji Bank sent out a document to investment partners regarding its forthcoming merger with the Industrial Bank of Japan and Dai-Ichi Kangyo Bank • When investors opened the document...
So... In short... • The media are focusing on data destruction as being the problem with viruses • Yet your credibility and confidentiality are being threatened by a growing number of viruses • Having anti-virus software in place and regularly updated is a must…
Internet virus vectors • SMTP • HTTP • FTP • NNTP • IRC
Other virus vectors • Network shares • Removable media • PDA
Four tiers of virus protection Internet ISP Tier 1 Tier 2 Tier 3 Tier 4
Four tiers of virus protection Internet ISP Tier 1 Tier 2 Tier 3 Users’ computers
Users’ computers • Desktops • Laptops • PDAs • Mobile ‘phones
Users’ computers • Main target • Only place guaranteed to see all data • Uncontrolled • Increasing diversity • Large numbers • Difficult to manage • Identification • Installation • Updates • Configuration
Four tiers of virus protection Internet ISP Tier 1 Tier 2 Local servers Users’ computers
Local servers • File-servers • Application servers
Local servers • Susceptible to network-aware viruses • Controlled by network administrators • Lower numbers • Easier to manage • Not all data passes through servers
Four tiers of virus protection Internet ISP Tier 1 Email servers Local servers Users’ computers
Email servers • Main route for viruses • Controlled by network administrators • Low numbers • Easy to manage • Data may not be readable e.g. Encryption • May not have access to stored email • Not only route for viruses
Four tiers of virus protection Internet ISP Managed services Email servers Local servers Users’ computers
Managed service • Edge of network devices • Dedicated devices • ISPs • Dedicated managed service
Managed service • Managed by supplier • No local management • Main route for viruses - Email • Data may not be readable e.g. Encryption • Not only route for viruses • No access to stored data
What else can you do? • But perhaps other preventative measures would better protect your reputation from going down the loo
DISCLAIMER • Preventative anti-virus measures • The following rules and procedures are not foolproof • But they will dramatically reduce the threat viruses can pose to your organisation - and decrease the chances of your confidentiality and credibility being damaged
Avoid using DOC files • DOC files support macros • If macros are supported, macro viruses can flourish • Why not... • Save your documents in Rich Text Format (RTF) • RTF does not support macros • Configure Word to save files as RTF by default
Look out for security bulletins • Offer timely security information, patches and updates • Examples include Microsoft (http://www.microsoft.com/technet/security) and Sophos Anti-Virus (www.sophos.com/virusinfo/notifications)
Block unwanted filetypes • Do you really need to send/receive these file types: EXE, VBS, SHS, COM, SCR, JS, HTA, BAT? • If yes… • Set up a list of authorised users who can send and receive these files. • If not, protect yourself!
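Added example (not part of the original slides): a mail-gateway style check that quarantines messages carrying the file types listed above unless the sender and every recipient are on the authorised list. The `AUTHORISED` address, the "everyone must be authorised" policy and the function names are assumptions made for illustration; the sample message is constructed and reuses the HAPPY99.EXE filename from the phantom-poster slides.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# File types listed on the slide above.
BLOCKED = {"exe", "vbs", "shs", "com", "scr", "js", "hta", "bat"}
# Assumption: a site-maintained list of users authorised to exchange them.
AUTHORISED = {"sysadmin@example.org"}

def final_ext(name):
    """Last extension, lower-cased. Windows ignores trailing dots and spaces,
    and only the final extension decides how "notes.txt.vbs" is opened."""
    cleaned = name.strip().rstrip(". ").lower()
    return cleaned.rsplit(".", 1)[1] if "." in cleaned else ""

def blocked_attachments(msg):
    """Filenames of all MIME parts, at any nesting depth, with a blocked type."""
    names = (part.get_filename() for part in msg.walk())
    return [n for n in names if n and final_ext(n) in BLOCKED]

def addresses(header):
    """Lower-cased addresses from a parsed From/To header (empty if absent)."""
    return {a.addr_spec.lower() for a in header.addresses} if header else set()

def verdict(raw):
    """Return ("deliver" or "quarantine", offending filenames) for raw bytes."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = blocked_attachments(msg)
    if not hits:
        return "deliver", []
    # Header addresses can be forged; a production gateway would check the
    # authenticated envelope sender and recipients instead.
    parties = addresses(msg["From"]) | addresses(msg["To"])
    ok = bool(parties) and parties <= AUTHORISED
    return ("deliver" if ok else "quarantine"), hits

def sample(sender, to, filename):
    """Constructed message with one attachment (not real traffic)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, to, "constructed sample"
    m.set_content("see attachment")
    m.add_attachment(b"placeholder", maintype="application",
                     subtype="octet-stream", filename=filename)
    return bytes(m)

if __name__ == "__main__":
    print(verdict(sample("alice@example.org", "bob@example.org", "HAPPY99.EXE")))
```

Extension checks only see the name a sender chose, so they complement content scanning rather than replace it.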
Limit internet access • Viruses are often downloaded from the web • Is surfing the net a necessity in your organisation? • If yes... • Ensure that web access is only available on dedicated internet PCs • Or limit access to trusted sites only. • If not… • get rid of the darn thing