19. Arm yourself: Computer
threats lurking online
By Mark Alberstat
DURING THE last six months, computer users have had to put up with several
devastating worms, viruses and denial of service attacks from nasties who
like to show us how smart they are by writing malicious code. The vast
majority of these threats are aimed at computers running one of
Microsoft's Operating Systems, although a growing number of attacks are
aimed at Macintosh and other operating systems.
August was one of the worst months ever for attacks. It is estimated that
one eight-day stretch of constant attacks cost the U.S. economy $2
billion. That's a lot of worm food.
Symantec Corp., a leader in Internet security programs for private and
commercial use, released a study earlier this month stating that blended
threats are on the increase.
Blended threats? Six months ago, few people, except computer security
junkies, had even heard of the phrase.
This new type of cyber attack utilizes both malicious code and existing
program vulnerabilities to launch an assault on your company's network or
your home computer.
Symantec believes some future attacks will be aimed at instant messaging
and peer-to-peer services. Popular programs such as Yahoo Instant
Messaging, MSN Messenger or Kazaa are popular targets because they are
often left on for long periods of time and allow files and data to pass
both ways through firewalls and other scanning devices.
The speed with which blended threats move around the Internet is also
faster than ever before. It is estimated that at its peak rate of
infection, the Blaster worm was infecting as many as 2,500 computers an
hour.
Thankfully, news about active worms and viruses is also moving quickly
these days through word of mouth and Internet security sites. The cures
and patches needed for prevention or removal of the latest threat are also
moving quickly.
Symantec makes recommendations for the home user, or system administrator,
that are certainly worth considering, if not implemented immediately:
- Turn off or remove unneeded services. These services can be the
previously mentioned file-swapping or messaging programs.
- Keep patch levels up to date. The latest updates often plug holes
that are seen as access points for worms and viruses.
- Enforce a strict password policy. This recommendation is not critical
for home users but on corporate networks, it can be crucial.
- Configure e-mail servers and accounts to block or remove e-mail that
contains file attachments used to spread viruses with the following
extensions: .vbs, .bat, .com, .exe, .pif and .scr.
- Do not open e-mail attachments unless you are expecting them, and
they have been scanned by an up-to-date virus scanner.
The upside of all this doom and gloom is that more companies and users are
using sophisticated firewalls and other practices to limit their
vulnerability to attacks. This increased vigilance may, but probably
won't, limit the number of people writing viruses in the future.
The Mousepad runs every two weeks. It's a service of Chebucto Community
Net, a community-owned Internet provider. E-mail computing questions to
mousepad@chebucto.ns.ca.
Originally published 12 October 2003
