LongIsland.com

Computer threats are real and getting worse…

Written by itdepartment  |  18. July 2007

As if there isn't enough to worry about in today's business environment with pressures on the business to make sales/profits, remain competitive, be innovative, etc., you now need to add to the ever increasing threat of computer and network attacks to the mix. They are coming from all ends both internal and external and can result in a loss of data/information, time, resources and productivity. These threats affect everyone and we all need to do our part to alleviate this risk. So lets start by identifying some of the examples of these threats:
  • Viruses/Worms - Sasser, Zotob, Nimda, Welchia, Melissa, I Love You, Blaster
  • Hackers
  • Crackers
  • Malicious code - Spyware, Malware, Adware, Keyloggers, RATs, Trojans
  • Botnets - zombie PCs
How do they come "in the door"?
  • Phishing
  • Social engineering
  • Drive by downloads
  • Installing malicious codes on your systems at home and work
  • Through email and attachments - pictures applications web pictures, applications, links, wallpaper
  • System drivers, printer drivers, wireless drivers
  • Media players -iPods
  • Media files - as in the case of movies (AVI's, MPG's, etc.)
  • Free software distribution - freebies online purporting to get rid of threats but brings in even bigger threats with more serious intent.
Just what do they want?
  • Your data...
    • Confidential information
    • Personal records
    • Financial records
    • Anything that can be used for financial gains and espionage.
What's the cost? (Besides potentially your entire business?) In order to calculate the cost of a virus infecting your network and damaging your information do the following;
  • List the number employees in your business
  • Calculate an average hourly compensation per employee
  • Think about what files and work might need to be recreated after a loss: customer database, client reports, project files, and schedules, contracts, etc.
  • Estimate the amount of time required to re-create lost databases, financial files, and other work per employee
  • Multiply the time required by the number of employees affected by the average hourly compensation
Worse yet... Most threats are not so obvious anymore and are more insidious. Often they are disguised as the more low/medium-level threats that come in when you are so busy guarding against the ones that are high-level (red lights flashing). These threats are also coming from both known and unknown sources. (For example you may receive an email from someone you know and think that it is fine not having realized this person had already been compromised and spreading it to you and others).

So how do you protect against them?

  • People - awareness, communications, company policies, IT taking the lead in disseminating information on a regular basis
  • Processes
    • User Awareness sessions policy
    • Incident response Policy * I highlight this because it explains what and how you will react to a compromise, including what do you tell clients/customers/vendors
    • Approved Applications Policy
    • Approved Devices
    • VPN Access Policy
    • Patch Management Policy
    • Network Management and use Policy
    • Email / IM Messaging Policy
    • User Access Control Policy
  • Technology
The biggest risk is YOU. You are often the one who opens the email, clicks on the link, downloads the software, etc. One of the biggest problems we are all guilty of is assumption. So, try not to assume too much i.e. - I assume that because we have virus protection a virus or worm will not affect us or I assume that since this attachment came from someone I know it is alright to open. I assume that I can connect my laptop to the corporate network and it will not cause any issues. I assume that since I dial into my company network that I will not cause issue if I have a compromised machine at home. These assumptions go on and on... Some more Good practices...
  • The "Break fix" approach to IT may not cut it anymore. Partner with a company that provides a "Managed Care" service that can help with managing the risk, and can also provide constant awareness, mitigation and remediation.
  • Appoint someone who will be responsible for IT Security Infrastructure responsibilities - a consulting company or internal employee. That way if and when anything happens you know who to go to and how to get the answers you need.
  • Conduct regular IT security workshops, programs and things that will help user to be more aware of the risks at hand and the roles they play in mitigating them
  • Other prevention methods include...
    1. Install antivirus on all desktops, laptops, and servers
      • Check for virus definitions daily or set for automatic updates
    2. Stop intruders with a firewall
      • Use a firewall on all desktops, laptops, and servers
    3. Stay on top of security updates
      • Deploy security patches and fixes as soon as they are available
      • Use the latest operating system versions
    4. Create strong passwords and change them frequently
      • Don't allow Web browsers to remember passwords/private data
    5. Open email responsibly
      • Scrutinize attachments before opening them; avoid ones with unusual extensions
      • Don't open or reply to unsolicited mail
Always Remember... Damage control is always more expensive in reputation, time, money and trust than the initial expense of putting basic security infrastructure and policies in place. The threats do not care what size company or market you work in/for. It knows what it is looking for and how to get it and unfortunately, it's in every business' infrastructure.

Thanks to Brett A. Scudder from The Technology Suite for contributing to this article. :)

Copyright © 1996-2022 LongIsland.com & Long Island Media, Inc. All rights reserved.