Slides © 2002 Sophos Plc Computer Viruses: The end of the World as we know it?
Date posted: 15-Jan-2016
Slides © 2002 Sophos Plc
www.sophos.com
Computer Viruses: The end of the World as we know it?

Viruses and the media
The media will often tell you…
It’s The End Of The World As We Know It - aka TEOTWAWKI
That the latest virus is a global disaster
Because of the data it destroys

Viruses and the media
Are viruses disasters?
Here are what some disasters look like...

Microsoft AntiVirus

Don’t panic!
Data destroyers are not disasters
Because you all have backups (we hope)
But is data destruction the worst problem viruses cause?

But...
Your credibility can be affected by any of the following:
Data diddlers
Binary blabbers
Phantom posters
Oops! I did it again...

Credibility crushers
Data diddlers

Data diddlers
Viruses which subtly corrupt data
Viruses can switch around or alter data
May take months before the data corruption is even noticed

Data diddlers
Imagine if your financial results were diddled with...
Maybe you’re posting financial information for the stock market
You may have to make an embarrassing retraction

Data diddlers
Let’s make this more personal, shall we?

Romeo,
I love you.
I hate the thought that we will never see each other again.
Ta ta for now, Juliet

Romeo,
I hate you.
I love the thought that we will never see each other again.
Ta ta for now, Juliet

Data diddlers
Data diddlers corrupt your data by swapping information
AND…
…ruin your love life

Credibility crushers
Binary blabbers

Binary blabbers
Confidentiality breached
Email-aware viruses
Forwarding a confidential document to customers and business associates
Who needs espionage when a virus is doing it for free?
Research, exam papers, results

Binary blabbers
Imagine Alastair Campbell wanted to send an email to Tony Blair

Binary blabbers
But the virus emailed his message to everybody in the government
…even Mr Prescott!!
Everyone turns up to King’s Head

Credibility crushers
Phantom posters

Phantom posters
Consider this example:
Newsgroups: alt.impeach.clinton, alt.politics.clinton,alt.fan.rushlimbaugh, alt.rush-limbaugh
Message-Id: <[email protected]>
From: "Linus F. Zimmerman" <[email protected]>
Subject: Re: Bradley on homosexual access to military
Date: 17 Jan 2000 00:47:22 GMT
Attached file: HAPPY99.EXE

Phantom posters
Newsgroups: alt.politics.economics, comp.software.year-2000, misc.invest.stocks,alt.talk.year2000
Message-Id: <[email protected]>
From: Hyman Blumenstock <[email protected]>
Subject: Re: Defending Y2K - The Greatest Con Job Of All
Date: 02 Jan 2000 14:43:10 GMT
Attached file: HAPPY99.EXE
Would this affect your IT credibility?

Credibility crushers
Oops! I did it again...

Oops! I did it again...
Credibility
Sending out a virus publicly announces you are infected
What would your customers/colleagues think?

Oops! I did it again...
Credibility
Ziff Davis reported in August 1999
Fuji Bank sent out a document to investment partners regarding its forthcoming merger with the Industrial Bank of Japan and Dai-Ichi Kangyo Bank
When investors opened the document...

So...
In short...
The media are focusing on data destruction as being the problem with viruses
Yet your credibility and confidentiality are being threatened by a growing number of viruses
Having anti-virus software in place and regularly updated is a must…

Internet virus vectors
SMTP
HTTP
FTP
NNTP
IRC

Other virus vectors
Network shares
Removable media
PDA

Four tiers of virus protection
Internet
ISP
Tier 4
Tier 3
Tier 2
Tier 1

Four tiers of virus protection
Internet
ISP
Users’ computers
Tier 3
Tier 2
Tier 1

Users’ computers
Desktops
Laptops
PDAs
Mobile ‘phones

Users’ computers
Main target
Only place guaranteed to see all data
Uncontrolled
Increasing diversity
Large numbers
Difficult to manage
Identification
Installation
Updates
Configuration

Four tiers of virus protection
Internet
ISP
Users’ computers
Local servers
Tier 2
Tier 1

Local servers
File-servers
Application servers

Local servers
Susceptible to network-aware viruses
Controlled by network administrators
Lower numbers
Easier to manage
Not all data passes through servers

Four tiers of virus protection
Internet
ISP
Users’ computers
Local servers
Email servers
Tier 1

Email servers
Main route for viruses
Controlled by network administrators
Low numbers
Easy to manage
Data may not be readable, e.g. encryption
May not have access to stored email
Not the only route for viruses

Four tiers of virus protection
Internet
ISP
Users’ computers
Local servers
Email servers
Managed services

Managed service
Edge of network devices
Dedicated devices
ISPs
Dedicated managed service

Managed service
Managed by supplier
No local management
Main route for viruses - Email
Data may not be readable, e.g. encryption
Not the only route for viruses
No access to stored data

What else can you do?
But perhaps other preventative measures would better protect your reputation from going down the loo

Preventative anti-virus measures
DISCLAIMER
The following rules and procedures are not foolproof
But they will dramatically reduce the threat viruses can pose to your organisation - and decrease the chances of your confidentiality and credibility being damaged

Avoid using DOC files
DOC files support macros
If macros are supported, macro viruses can flourish
Why not...
Save your documents in Rich Text Format (RTF)
RTF does not support macros
Configure Word to save files as RTF by default

Look out for security bulletins
Offer timely security information, patches and updates
Examples include Microsoft (http://www.microsoft.com/technet/security) and Sophos Anti-Virus (www.sophos.com/virusinfo/notifications)

Block unwanted filetypes
Do you really need to send/receive these file types: EXE, VBS, SHS, COM, SCR, JS, HTA, BAT?
If yes…
Set up a list of authorised users who can send and receive these files.
If not, protect yourself!
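
The "Block unwanted filetypes" policy as a mail-gateway check, added here as an example and not part of the original slides: an attachment whose final extension is on the slide's list is quarantined unless the sender, or every recipient, is on the authorised list. That exemption rule, the function names and the sample messages are assumptions made for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import getaddresses

# File types named on the slide.
BLOCKED = {"exe", "vbs", "shs", "com", "scr", "js", "hta", "bat"}


def blocked_attachments(msg):
    """Return the filenames of all parts whose final extension is blocked."""
    hits = []
    for part in msg.walk():          # walk() also descends into nested parts
        name = part.get_filename()
        if not name:
            continue
        # Windows ignores trailing dots and spaces, so "a.exe. " still runs.
        cleaned = name.strip().rstrip(". ").lower()
        # Only the last extension decides how a file opens: "cv.doc.vbs" is VBS.
        ext = cleaned.rpartition(".")[2] if "." in cleaned else ""
        if ext in BLOCKED:
            hits.append(name)
    return hits


def addresses(msg, *headers):
    """Collect lower-cased addresses from the given header fields."""
    values = [str(v) for h in headers for v in msg.get_all(h, [])]
    return {addr.lower() for _, addr in getaddresses(values) if addr}


def verdict(raw, authorised):
    """Return ("deliver" | "quarantine", [blocked filenames])."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = blocked_attachments(msg)
    if not hits:
        return ("deliver", [])
    allowed = {a.lower() for a in authorised}
    senders = addresses(msg, "From")
    recipients = addresses(msg, "To", "Cc")
    # Assumed exemption: authorised sender, or all recipients authorised.
    # Header addresses can be forged; a real gateway would use the SMTP envelope.
    if (senders and senders <= allowed) or (recipients and recipients <= allowed):
        return ("deliver", hits)
    return ("quarantine", hits)


def sample(sender, recipient, filename):
    """Build a constructed test message carrying one harmless attachment."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, recipient, "constructed sample"
    m.set_content("see attachment")
    m.add_attachment(b"placeholder bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    for fname in ("notes.rtf", "cv.doc.VBS", "setup.exe.", "combat"):
        raw = sample("alice@example.org", "bob@example.org", fname)
        print(fname, verdict(raw, authorised=set()))
```
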

Limit internet access
Viruses are often downloaded from the web
Is surfing the net a necessity in your organisation?
If yes...
Ensure that web access is only available on dedicated internet PCs
Or limit access to trusted sites only.
If not…
get rid of the darn thing

Use EICAR for testing
Never EVER test your anti virus software with a virus
Visit www.eicar.org and download the EICAR test file instead
No infection risk. No worries.

Deselect WSH
Deselect Windows Scripting Host (WSH)
Some viruses depend upon WSH to spread (e.g. VBE and VBS)

Watch out for hoaxes
Never allow users to forward virus alerts
Sleuthing out whether a real virus or a hoax has infiltrated your company is the administrator’s job and no one else’s
Tell your users not to trust ANY virus alerts (even from coolcat anti virus companies)

Don’t boot from floppies
Obstruct boot sector viruses via CMOS
Most PCs check the A: drive before the C: when booting
An infected floppy disk in the A: drive on boot up equals virus
Why not...
Change the sequence to “C: first” in your BIOS settings to avoid pure boot sector viruses

Warn users about floppies
Warn users about the dangers of floppies
Many believe that floppy disks are no longer used
But pure boot sector viruses are still infecting PCs
Laptops are a major contributor

Conclusion
Viruses, Trojans and worms are on the increase
They are becoming more complex and more effective
BUT...

It is not the end of the World!
They are preventable
Anti-virus software
Best practice
Know your enemy
Ignore the hype

Latest virus alerts
Recent reports
Playing on World Cup interest

Latest virus alerts
The Barthez virus
Prevents you from saving anything

Latest virus alerts
The Rivaldo virus
Repeatedly falls over but immediately reboots with no apparent side-effects

Latest virus alerts
The Roy Keane virus
Makes the PC unstable and throws you out of Windows

Latest virus alerts
The Argentinian virus
Looks dangerous but deletes itself after ten days

Computer Viruses: NOT the end of the World as we know it!