Viruses are now more than ever in overload and thanks to the more recent devastating SoBig and Blaster viruses we know how vulnerable we really are. But how hard can it be to protect yourself right? Just install a reputable anti-virus package, select and configure the correct firewall and stay away from the wrong websites. One of the main concerns SoBig and Blaster has shown us is that even if you have an anti-virus package, these viruses have narrowed the range of safe configurations that are acceptable in the future, punishing companies and individuals who have not kept up to date and followed the particular configuration.
|
"Having anti-virus software does not automatically protect you against new viruses." |
I have compiled a list of four major mistakes that I have found and are commonly repeated in some companies. It will not stop the viruses but it may give you a better chance before the next wave of viruses attack.
Mistake #1 - Hotmail
At one point during the SoBig saga, the Hotmail anti-virus system was unable to detect the SoBig Virus. So what has hotmail got to do with large companies and corporations? Most companies for a long time have banned their employees from sending non-business email from their work place email address. Where else could they have turned but to Hotmail, which during this period was no help at all.
Even when hotmail did start blocking copies of the virus it did not bother to backtrack through all the emails it had let through and that had not yet been read. Consequently, when users did finally open the emails a second wave of the virus was unleashed.
Mistake #2 - Anti-Virus Software
Having anti-virus software does not automatically protect you against new viruses. It does however give you that valuable window of opportunity between a virus being set loose and you being able to download the patch to protect yourself. Even with this window, all it takes is some clever virus writer to have an understanding of what he is up against and the many factors that may help him. For example, people who have way too many contacts in their Outlook address book to the configuration made by your ISP administrators, then even the finely configured networks will become unstuck.
The bottom line is that some anti-virus software works better than others. It may be that one updates faster than another or that it does not defend itself from being disabled by a virus. But more times than none it usually comes down to human error. Two of the biggest things that users do, or rather do not do is update their virus definition files regularly or they keep scanning for viruses without even configuring the software to 'disinfect' mode rather than the 'detect' mode.
Mistake #3 - Anti-virus Installations Within Companies
Untitled Page
The necessity to continually upgrade anti-virus software may be regularly debated amongst company departments. The idea that something in perfect working condition should not be fixed or updated is a culture held by many organizations, even so with the notion that any adequate, well programmed firewall and proxy combination should be able to keep the viruses at bay, and therefore everything else does not need to be kept up to date.
For those who have ever been burgled, I am sure that the next day you went out and bought new locks for every door and window. Being hit by a new virus is similar in that you consequently start updating more frequently and make sure your ports are secured. In a large corporation having a network of computers that are not properly protected and wide open to attacks poses a potential risk for all the other computers in the company.
The main problems facing these security issues are using unsecured commercial software, insufficient updates and the belief, as most people have that it will never happen to them.
We all lead very busy lives and it may just be you are too busy to check for a new update. A few weeks go by and before long the last patch you downloaded may not respond to today's threats.
As they always say, prevention is better than cure, so do not wait till you are hit by a virus, fixing the damage can become very time consuming and annoying. It is always better to take the extra precaution from the very beginning.
Mistake #4 - Blacklist and Bounced Messages
The main reason why blacklist servers were set up was to publicize address from which spam had been received. This method use to work in the old days when mail systems could afford to be polite and return messages sent to a non-existent address. But spammers now have jumped ahead once again and use reply address from the list of address they have collected to send spam to.
Using this method was especially effective for the SoBig virus as its second wave of bounced messages was almost as devastating as the first. A lot of companies found that the legitimate emails they were sending were starting to bounce back or vanish completely. Currently "bounce-back" rates average around 12.6% so managing your emails and bounces can greatly improve your email delivery.