From Security360: How the Industry Is Responding to the Malicious Software Threat
As malware evolves, IT professionals build defense strategies to keep systems secure.
REDMOND, Wash Sept. 21, 2005 Security threats such as spyware, key loggers and phishing schemes continue to emerge and grow in sophistication, according to industry experts featured this week on Microsofts monthly Security360 webcast series. The Sept. 20 webcast focused on the evolving world of computer viruses and malicious software, and offered guidance and recommendations to help organizations take proactive steps to better protect their computer networks.
netfinity
Guests on the seasons opening webcast of the Security 360 series included Susan Bradley, an independent security consultant and Microsoft Security MVP; David Endler, director of Security Research, Tipping Point; Adam Overton, Microsoft group program manager .; Natalie Lambert, analyst at Forrester Research; and David Litchfield, managing director and chief research scientist, NGSSoftware.
As the leading IP infrastructure solution vendor, VPN(SecPath), security blade, Intrusion Prevention System (IPS), and security management software(SecCenter). Kaspersky Lab has very strong antivirus research team with the fastest response time to new malicious software threats in the industry. “Partnering with Kaspersky Lab will further enhance the performance of H3C’s security products to quickly respond to malicious software threats and therefore to protect customer’s network to be safe and sound, ” commented by Henry Tso, CTO of H3C.
internet
"Computer industry analysts estimate that some 60 percent of all corporate data exists only on desktop and laptop computers, " said Walter Scott, CEO of Acronis. "Incorporating Acronis True Image with New Mexico Software backup server is the ideal solution to capture that corporate data and ensure that it is not lost. While traditional server backups are effective for protecting server data, every company should have a combination of server and workstation backup plans."
cheap computer
The panel of experts noted that while the threat from so-called "malware" is evolving, so is the response from industry. Customers, security researchers, software vendors, IT professionals and analysts are working together to help prevent malware attacks from occurring and to lessen their impact when they do.
As cyber threats have evolved, so has software to deflect such threats. Sophisticated antispyware and antivirus solutions capable of detecting the most complex new viruses are now available. New personal firewall programs designed to identify the stealthiest hacker attacks can hide your computer on the Internet. spam products filter out up to 99% of unsolicited mail, protecting computers from malicious code and saving time and resources.
digital camera
Malware or malicious software is software designed to infiltrate or damage a computer system without the owner's informed consent. It is a portmanteau of the words "malicious" and "software". The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. Examples of malware are viruses, worms, Trojan horses, rootkits, backdoors, spyware, botnets, loggers, and dialers.
printer
Many organizations have made great strides to combat and prevent malware attacks, said Mike Nash, host of the Security360 webcasts and corporate vice president of the Security Business and Technology Unit at Microsoft. By knowing how malware has changed, organizations can put in place additional defensive strategies to make their systems much more secure.
Computer memory is the quickest, cheapest, and easiest way to improve the performance of your system. Find RAM memory upgrades for desktops, laptops, servers, and printers all backed by a lifetime warranty and guaranteed compatible with your computer. Shipping is an everyday low price of $1.99! Computer Memory Outlet sells memory compatible with all leading computer manufacturers like Dell, Apple, Compaq, HP, Sony, IBM, Lenovo, and many more.”
xseries
maxtor
Security360 is webcast live on the third Tuesday of each month and is also available on-demand at www.microsoft.com/security360. Microsoft has also localized the on-demand webcasts with subtitles in nine languages.
data storage
hitachi
The changing face of malware
rational
websphere
The threat of malware has evolved greatly in the last year, according to Nash. Previously, preventing viruses was the primary focus of security strategies and software. Today, attacks come in many forms: viruses, worms, adware, spyware, phishing, key-stroke loggers, bots and root kits, and multi-level onslaughts known as blended attacks. Malware can also be delivered in many ways through instant messenger, e-mail and Web browsers.
battery
it support
The speed at which attacks are triggered is one element that has greatly changed in todays malware world. Today, attackers are much more efficient and faster moving, says Nash. When word of the Sasser vulnerability was released in May 2004, it took 17 days for the attack to occur. Last month, the time span between the disclosure and the Zotob worm exploit was only three and a half days. However, just as the attacks come more quickly, so Microsoft is also faster in responding: With Sasser, it took several days to release a cleaning tool. In the case of Zotob, it took only a few hours.
western digital
music
Malware has been around for years. But as software has become more resilient, and guidance is being followed more carefully, malware writers have had to change their tactics. Previously, the emphasis was typically a broad Internet-based attack launched through software vulnerabilities. Todays attacks are focused on user interactions, which attempt to fool the user to engage and unleash the malware.
networks
toner
An anti-malware checklist
cheap laptops
wholesale
During the webcast, Nash and his guests discussed a number of steps that IT professionals can take to improve the security of computing environments and to reduce the impact of malware on their organizations.
brother
netvista
One of the most important elements of a malware defense strategy is having a security plan and process in place, says Nash. You should hire or appoint a dedicated security resource staff and establish emergency response guidelines, says Nash. I also recommend you create, communicate and update a comprehensive companywide set of security policies. These policies should address everything from appropriate use of company resources, to treatment and handling of confidential data.
camera
networking
Tipping Points David Endler concurred. Understanding your security policy is important because, in doing so, you can take broad preventative measures like avoiding malicious or suspicious file types from entering the enterprise.
sharp
cheap
Nash and his guests also stressed the importance of evaluating existing software investments based on the organizations needs and considering the deployment of the most updated versions of software, as newer versions are less susceptible to many kinds of vulnerabilities, including malware.
windows
monitors
Make sure your machines are running up to date software and keep them patched with the latest systems, says Microsofts Adam Overton. For instance, the Microsoft Malicious Software Removal Tool is 15 times less likely to find malicious software on machines running Windows XP with Service Pack 2 (SP2) than previous versions of the Windows operating system.
linux
computer support
Another benefit of running up-to-date software, according to David Litchfield of NGSSoftware, is that modern software offers a smaller surface of vulnerability for viruses and malware to attack. If we look at Internet Information Server (IIS) 5.0 that came with Windows Server 2000, many of its features came enabled, that is many of the extensions, such as .print, .sp, and .htr, were mapped by default, says Litchfield. However, if we look at IIS 6.0, everything is turned off by default, which reduces the potential attack surface. Customers can do much of the same thing in their own business by asking what technologies they actually need in order to do business and what tools they require to achieve their business goals. Everything outside of these requirements can be turned off to reduce the attack surface, says Litchfield.
used laptops
cameras
Nash also says maintaining security at multiple layers within the network is important because if one defense measure fails, there are more layers in place for continuous protection, a strategy referred to as defense in depth. In addition to making sure you have all the latest updates and patches, Nash recommends strongly that administrators install a firewall or if running Windows XP SP2 or Windows Server 2003 make sure that Windows Firewall is enabled, because it can supply additional protection against malicious software that might be attacking their systems. For enterprise network configurations Microsoft recommends not only a level-4 firewall but also an application-level firewall, requiring multiple firewall arrays in different locations.
scanners
panasonic
Nash and his guests also recommend that organizations install software tools that protect against spyware, viruses and other malicious software, and keep them updated. Outdated antivirus software can only protect against previously identified viruses so it is imperative to regularly update antivirus software to protect systems against the latest threats.
workstation
iseries
There are many things that customers can do to be more proactive to protect themselves against malicious code, says Forresters Natalie Lambert. While patch management is essential, in a recent Forrester survey, only 13 percent of companies polled have actually deployed patch management tools. One the other hand when it comes to deploying anti-virus solutions, personal firewalls and anti-spyware tools, youre up to about 57 percent of companies. These are the tools that will help companies protect against these threats.
backup
information technology
Nash outlined a number of patch-management tools and security technologies that Microsoft offers to make updating software and helping protect organizations from spyware and other malware easier and more efficient.
routers
180gxp
Addressing malware extends beyond technology
notebook battery
security
The industry experts on Security360 said that while technology plays a key role in helping customers to protect their organizations from malware, it needs to be part of a more comprehensive approach that also involves education and policies.
lotus
virus
I used to spend my time protecting servers, the outer barrier of the system, says MVP Bradley. Today, I spend more time educating the end user. You cant service pack the end user. Thats the one technology update we cannot do. But since thats where todays major vulnerability is located, education has become a much more important component of anti-malware strategy, she says.
thinkpad t42
thinkpad 600
Nash agrees, stating that developing an education plan for all levels of the organization including administrators, end-users, and developers on their role and responsibility for information security within the company is one of the foremost strategies to prevent malware attacks. Its also important to ensure that your executives will follow-up and act appropriately when notified of a policy violation, says Nash. That means accepting the potential business interruption to correct vulnerable systems.
thinkpad 600e
thinkpad 570
While anti-virus protection is still a major component of an in-depth defense strategy, IT professionals must continue to address malware on all fronts. Resilient software, continuous updates, following guidance, and especially education are all key to a successful anti-malware strategy.
thinkpad 600x
thinkpad 390x
The same caution that we apply to our everyday environment should also apply to our Internet, says Nash. The reality is that these attacks will continue to occur but an achievable goal is to put the right safeguards in place so that your systems are more secure, he says.
thinkpad a31
Source: Microsoft
