Online security. The past .. and the future.
January 23, 2013Over a 2 year period at the turn of the century (1999-2001), when the World Wide Web was still in its infancy, some of the most contagious malware was released.
January 1999: The Happy99 worm invisibly attached itself to emails, wished the user a Happy New Year and displayed fireworks to hide changes being made. It modified system files related to Outlook Express and Internet Explorer (IE) on Windows 95 and Windows 98.
March 1999: The Melissa worm was released. It targeted Microsoft Word and Outlook-based systems, infecting 15-20% of all business PCs on the planet, and created considerable global network traffic.
May 2000: The ILOVEYOU worm, (aka The Love Bug), infected millions of Windows computers within a few hours of its release. In a single day, it infected 10% of Internet connected computers, worldwide. The Love Bug caused $5.5 billion damage and is considered to be one of the most damaging worms ever.
February 2001: The Anna Kournikova virus overwhelmed e-mail servers by sending e-mail to contacts in the Microsoft Outlook addressbook. Its impact caused some users to replace desktop computers.
This 2 year period; which included the Millennium bug scare, aka “Y2K” for Year 2000, (in which systems were upgraded to ensure that system clocks would not reset to the common two digit 00, but recognise the 4 digit year 2000); was fertile with the growth of community security awareness, more cautious computer behaviour and the broad-scale adoption of anti-virus software.
November 2008: The Conficker worm infected +/- 10 million computers worldwide; including French, German and UK military networks; and is currently regarded as the most virulent of recent era infections.
Historical perspective is a valuable thing when it comes to recognising the potential for malicious threats.
Even though an outbreak on the scale of The Love Bug or the Melissa virus has not recurred, the potential has not diminished. In many ways it has increased, as malware is far more covert, polymorphic (an encrypted combination of trojan, mutating virus and bot), which is able to constantly modify itself to avoid detection or eradication.
All government, educational and corporate networks and individual computers (including handheld devices) are vulnerable.
Common sense dictates that you never open any attachment from anyone (including friends), unless first verifying that the attachment was requested or pre-notified. Never open .exe files unless downloading on demand from a reputable source. It also establishes trust if you do not send or post online any file which has the ability to carry a virus (e.g. Word / Excel). The PDF file format is even potentially vulnerable from infection or from embedded links to malware sites. Therefore, an anti-virus software configured to scan attachments before they are downloaded / opened is mandatory.
All users should implement the highest level of security, including no less than: individual high-security passwords (at least 8 units long, in a combination of at least one lower and upper case character and one numeral, and where accepted, special characters such as *#/%), a firewall, anti-spam and anti-virus software, and regular scans to detect unwanted cookies or malicious threats. Using a reputable software, these threats should be quarantined and eliminated.
At least one backup generic email address (Gmail, Hotmail, Yahoo, etc.) should be created, to enable communications in case your domain name becomes infected and email on that domain is blocked or unusable. This email can also be used to retrieve passwords for an email account on your corporate domain.
Recommended security vendors:
Symantec.com
McAfee.com
TrendMicro.com
Talk to Digital Tsunami about security for your web hosting.
From Our Clients
Andrew has provided Merrell Associates with reliable service, bringing a vast wealth of knowledge in IT to the task for more than the eight years I have been working here.
We have been helped by Andrew to solve all sorts of problems and if there isn't an immediate fix, solutions are found pretty quickly.
The team at Digital Tsunami was incredibly responsive, delivering a solution well ahead of deadline. Their technical knowledge was exceptional, they were innovative, and they were very meticulous. What's more, they understood my business and technical requirements and translated them into a user-friendly, refined, professional site which is conceptually simple and cohesive.
I don't know what you do, but you do it well.
I have enjoyed working with you on this important project and have been particularly impressed by your company's professionalism. The speed and accuracy of your work has been first rate and your creative input has been instrumental to the success of the project.
You did excellent work with the site.