      |
Tony Buffkin :: tbuffkin@sagesol.com
At Sage, we are dedicated to doing all we can to protect the integrity of your systems, at every level - from the individual workstations to the servers and the network. The Internet has come of age as the ultimate tool for tasks such as marketing, communications, and global commerce. But with all the good comes the bad: malicious parties abusing the system for their own gains. Studies show that new and more complex threats are constantly emerging.
The financial implications of this “malware” can be staggering. The costs due to damage and recovery for every outbreak within the office can be costly—well into the thousands—depending on the severity of the infection. Below I describe some common and new threats lurking on the Internet, and helpful preventive measures for both administrators and users to safeguard their computers and network from these threats.
From advertisers selling their life-enhancing schemes to criminals intent on stealing bank account numbers and other sensitive data, life in cyberspace is far from safe. Password stealers and worms have replaced file infectors and script viruses. Spyware and adware programs hide in website pop-up ads or seemingly innocuous downloads. Unsecured network shared folders, the wide use of P2P (peer-to-peer) applications (Kazaa and BitTorrent clients), and instant messaging programs typically account for 15 – 20 % of threats to networks. Recently, unsuspecting IM users were surprised to learn that while chatting from their desks, their trusted contacts were unknowingly sending viruses into the office network.
One of the more popular methods of invasion involves a new kind of attack, called "spy-phishing" which combines various attack techniques—along with some new tricks—to target on-line banks, financial institutions, and other password-driven sites. In spy-phishing the user receives an email message that infects the computer. The infected computer then sends any login or confidential data back to the attacker.
So how do you protect yourself from these varied and numerous threats? A little common sense and being alert will go a long way to keeping your workstation, network and personal privacy safe. Below are some preventive steps for network administrators and users to avoid malware.