Who needs to hack when security is this lax? Claire McDonald, 15, of Devon, England, has been receiving e-mails for the past six months that she believes came from the Pentagon in the US. In all, she received over 250 e-mails that contain classified information from Royal Navy Commander Jim Dale, and intended for RNC Jamie Hay. The girl contacted Dale, who works in the US at the Pentagon, when she started receiving the e-mails. He told her to contact her Internet service provider, but continued to send the classified information.
How can corporates learn from a virus when they are basically powerless to act?
Ian Melamed, columnist, ITWeb
But then we have local precedent for this! The diary of our president kept arriving on the desktop of a very surprised Port Elizabeth computer user. Despite many calls to report it, it just kept coming.
Have companies learnt their lesson from the Love Bug virus? Silicon.com last week asked this question of corporate guests. The results make good viewing at
http://www.silicon.com/systemsecurity/v12062000
.
But many commentators still miss the main points of the issue. A guest on the show said users shouldn`t open e-mails from unknown people. However, in the case of the Love Bug the e-mails came from known parties! Corporate technical staff can`t possibly know of a virus and race on roller-skates dispensing remedies. So they do the next best thing: they turn the server off. This only helps to achieve the objectives of the virus: denial of service. The anti-virus vendors are working as quickly as they can, but they still need at least two hours to supply a fix, and as we`ve seen, this is too long. Then there is the time to distribute. How can corporates learn from a virus when they are basically powerless to act? The only real action is to try and reduce the window of opportunity for the virus to create havoc.
Still on Love Bug. Philippine legislators have really thrown down the gauntlet to virus spreaders: they can now be punished with a minimum fine of $2 350 up to a maximum commensurate with the damage caused, and can receive a jail sentence of up to three years. The Philippines has now joined Malaysia, Singapore and South Korea as countries with specific computer crime laws on the books. Somehow it doesn`t tally with the global cost of the Love Bug: $10 billion and counting.
The Malaysians are going to need plenty of cybercrime laws, judging from the latest Web site violation. Attackers have broken into dozens of Malaysian political Web sites, leaving government officials and opposition leaders fuming over images of rotting skulls and obscene messages. One vandal, calling himself "Xenophoria", attacked 21 pro-government Web sites, posting a list of demands for greater press freedom and an end to corruption. Can we expect anything similar in Zimbabwe?
Interesting to note that Symantec has developed the first anti-virus software for the Palm platform. Challenges include keeping the database of virus definitions to sizable proportions. This is the first time we`ve seen an anti-virus vendor act proactively; normally they wait for trouble to be reported. Now, while no threat from viruses, worms or Trojans has yet been identified for handhelds, Symantec has stepped into the breach. Virus problems here are inevitable as more of the devices are integrated into corporate networks. After all, any form of address book is all that is necessary to spread the malicious code.
Trend Micro has also targeted the Palm for anti-virus development, creating a Web site with information regarding the fastest growing computer platform in history. For information, visit
http://www.antivirus.com/palm
.
Still on the subject of Trend, the company reports the 10 most prevalent in-the-wild viruses, worms and Trojans (malware, as Trend calls it), for the week ended 11 June, were:
1 VBS_KAKWORM.A
2 JOKE_SMALLPEN
3 TROJ_HOTKEYS.DLL
4 TROJ_SKA
5 VBS_NETLOG.WORM
6 TROJ_PRETTY_PARK
7 VBS_LOVELETTER
8 JOKE_GESCHENK
9 VBS_NETLOG.B
10 TROJ_SUB7GOLD.21
Share
