|
|
Computer Viruses - keep one step ahead!
by Jenny Holton
Over the past few weeks, anti-virus activity has again become the focus of many businesses. New computer worms such as the Magistry, Homepage & Mawanella worms have spread rapidly through computer systems worldwide, costing companies billions of dollars in overloaded networks, downed servers and other breakdowns in infrastructure, client relationships and general business processes. These worms have the potential to spread very quickly and very widely, typically by e-mailing themselves to other users.
"Nothing will convince a company to adopt security technology faster than a major security breach within its organization. In today's networked business environment, security and privacy of IT infrastructures are core to a company's ongoing success and competitive advantage", says Sonny Fisher, CEO of the Y3K Group, distributor of two of the world's leading security products, F-Secure and
Sybari.
The Mawanella worm was found in the wild in USA just after midnight GMT on Thursday, May 17th. After that the worm spread globally. In addition to USA, infections have been reported in Asia, Australia, South Africa and Europe.
Mawanella is a worm generated with VBSWG virus toolkit. It is similar to two other well-known e-mail worms, Anna Kournikova and Homepage. These two worms were widespread in February 2001 and early May 2001, respectively. The worm spreads using Outlook e-mail application. Typically the worms will send (mass mail) themselves to each recipient in every address book. The mass-mailing part of the code generates serious consequences, including overloading of e-mail servers and public relation problems.
An up-to-date anti-virus program is still the best protection against worms and other types of viruses. Firewalls and intrusion detection solutions are also extremely popular. However, there are also some tips that can help the end user make his computing safer.The risk of getting infected by new and unknown worms, can be minimized by implementing the following:
1. Most of the worms which use e-mail to propagate, use Microsoft Outlook or Outlook Express to spread. If you need to use Outlook, download and install the latest Outlook security patch from Microsoft. In general, keep your operating system and applications up-to-date and apply the latest patches when they become available. Be sure to get the updates directly from the vendor.
2. When possible, avoid e-mail attachments both when sending and receiving e-mail.
3. Configure Windows to always show file extensions. This makes it more difficult to for a harmful file (such as an EXE or VBS) to masquerade as a harmless file (such as TXT or JPG).
4. Never open e-mail attachments with the file extensions VBS, SHS or PIF. These extensions are almost never used in normal attachments but they are frequently used by viruses and worms.
5. Never open attachments with double file extensions such as NAME.BMP.EXE or NAME.TXT.VBS
6. Do not share your folders with other users unless necessary. If you do, make sure you do not share your full drive or your Windows directory.
7. Disconnect your network or modem cable when you're not using your computer - or just power it down.
8. If you feel that an e-mail you get from a friend is somehow strange - if it is in a foreign language or if it just says odd things, double-check with the friend before opening any attachments.
9. When you receive e-mail advertisements or other unsolicited e-mail, do not open attachments in them or follow web links quoted in them.
10. Avoid attachments with sexual filenames. E-mail worms often use attachments with names like PORNO.EXE or PAMELA_NUDE.VBS to lure users into executing them.
11. Do not trust the icons of attachment file. Worms often send executable files which have an icon resembling icons of picture, text or archive files - to fool the user.
12. Never accept attachments from strangers in online chat systems such as IRC, ICQ or AOL Instant Messenger.
13. Avoid downloading files from public newsgroups (Usenet news). These are often used by virus writers to distribute their new viruses.
Remember, an attacker is always one step ahead of the defender. The trend is clear - more and more attacks of every kind are going to be made.
Jenny Holton may be contacted for more information at Jenny.Holton@Y3KGroup.com
|
