Protecting our most valuable business asset - IT - News

Datasouth › News › Protecting our most valuable business asset - IT

News

Protecting our most valuable business asset - IT

Tuesday, 24 February 2009

Our dependence on information technology to enhance our business operations and drive our business growth have never been higher, however it would appear that we still do not understand the responsibility that is entrusted to us to protect these valuable business assets and the subsequent overall health of our business.

Over the last few months, we have again been reminded of this with the release of the Conficker worm into the wild.

First spotted in November 2008, the Conficker worm is one of the biggest worm outbreaks in recent times. By January it had been credited for infecting over 10 million PC’s globally.

So how does a worm outbreak of this size occur in an age where business supposedly understands the importance of protecting their IT assets with up to date antivirus products and what is Conficker?

Conficker is a traditional worm, designed to take advantage of an identified security vulnerability in Windows XP and Windows Vista, replicating itself from system to system. According to Symantec, should Conficker find a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables some security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.

Back in October last year, Microsoft identified the vulnerability that Conficker attacks and released a security update to protect against such an exploit. Unfortunately as of today, it is estimated that up to a third of all PC’s in the world still have not been patched with this Microsoft update. It is also estimated that a large number of the infections that have occurred were caused by infected USB devices.

So based on the fact that Microsoft released a fix back in October for a vulnerability that was subsequently exploited in November, and that a large number of infections have occurred by USB devices, the worm must surely have only infected small business and home users who have no proactive antivirus protection or patching policy in place. Wrong.

Conficker has managed to infect military, government and local enterprise computing networks around the world. The French Navy have confirmed that they were victim to Conficker, forcing them to voluntarily cut network connectivity to stop the worm from spreading on its Intramar network last month, interrupting web browsing and email messaging. Reports indicate that the worm was probably introduced when an infected USB drive was plugged into a computer on the network. It has also been reported that the worm grounded the French Navy’s Rafale fighter jets, however this has been denied by navy spokespeople.

In the UK, it has been reported that the Ministry of Defence and Navy were both victims to the worm as well as numerous health providers.

Closer to home, New Zealand’s Ministry of Health 2000 PC network was infected with Conficker. It is reported that all but 200 PC’s were cut off from the internet during the subsequent cleanup of the infection which took in excess of three weeks to complete.

The global disruption of business operations inflicted by Conficker, resulting in the subsequent loss of business productivity, profitability and increased IT support costs to eradicate the worm from infected networks is colossal and one that most organisations will not truly be able to quantify.

For a business asset that is supposed to enhance our business operations and drive our business growth, we really do need to learn to take better care of IT.

Datasouth can assist with this. As an organisation that has been providing advice to government and corporate clients for over fifteen years, we can advise, design and implement solutions that provide a fully multi-tiered security solution that protects against threats such as Conficker. No longer is it suitable to just deploy an antivirus solution or update our PC’s with Microsoft’s latest patches. We also need strategies and policies to protect our systems from its biggest threats, its users, as they now without knowledge threaten the security and integrity of our networks everyday via the use of USB devices and social network computing.

For further information on Conficker and how you may protect yourself from this type of risk, please contact Datasouth to discuss your specific requirements.