IT managers should brace themselves for a tough 2003 fighting the world's virus, worm, and Trojan horse writers, according to predictions made Monday by security expert Roger Thompson, the author of the WormWatch Web site.
Thompson, also the technical director of malicious code research at TruSecure, predicts that 2003 will be more difficult for security pros than 2002.
“At some point [in 2003], we'll get another serious smack up side the head,” Thompson said. “We're ripe.”
Although home users and small businesses remain vulnerable to malicious code delivered via e-mail -- Bugbear and Klez were 2002's biggest -- Thompson noted that mass-mailing Win32 worms were essentially unsuccessful in damaging corporations in 2002, unlike the previous year, when notorious worms such as Code Red and Nimda wreaked havoc globally.
“The day of the e-mail worm is largely done,” he said, in large part because companies are filtering their incoming e-mail and, more importantly, simply saying no to executable attachments, the delivery system of such worms. “When the majority [of corporations] start doing things like this, it helps all of us enormously.”
And that's what he's afraid of during 2003.
“I have no doubt that the bad guys are saying, 'look at e-mail defenses,' and making adjustments,” Thompson said. That trend is already evident. One of 2002's most dangerous worms, W32.Opaserv, doesn't even have an e-mail component.
Thompson is convinced that 2003 will see an attack on the level of 2001's Code Red. What shape it takes is unclear, although he points out that worms such as SqlSpida have been successful at finding weak SQL servers. His WormWatch page, in fact, cites SqlSpida as December's most potent worm.
Rather than worry about threats coming in on the back of e-mail, corporations should look internally to secure their networks and computers.
“They need to pay attention to the inside of the networks, harden it so that when something does get in, it can't spread.” Among Thompson's solutions: configuring the company's PCs by turning off unnecessary services and changing shared-level passwords.
“What I really worry about is that people are still thinking of shoring up e-mail defenses,” he said, adding that security pros should not relax.
“Who knows with these guys [malicious code writers]? If it's not another Nimda, it will be something along the lines of one,” said Thompson. “They can shoot us any time they want. They just gotta want to.”
Courtesy of: InternetWeek.com