Worms

China and U.S. tie as Internet attack source

Mon, 02 Jun 2008 06:59:59 -0400

A new report finds that China and the U.S. were home to the greatest percentage of Internet attacks during the first quarter of 2008. Akamai, which operates a global server network, said the most common attacks were associated with Microsoft Windows. The company also found many of the attacks came from "worms, viruses, and bots that spread across the Internet several years ago," and speculates that this might indicate that some of the attack traffic could be coming from "a large pool of Microsoft Windows-based systems that are insufficiently maintained, and remain unpatched.''

To read more:
- check out this cnet.com article

U.S., China largest originators of Internet attacks

Paul Mah — Fri, 30 May 2008 07:19:10 -0400

Akamai Technologies, which operates a global network of servers used to support the distribution of online media as well as large-scale websites and applications hosted online, has released its inaugural "State of the Internet" report. The hefty report extrapolates data gathered across Akamai's global network. It notes that while Internet-attack traffic is observed originating from 125 countries, the United States and China are the two largest sources of this traffic. Internet-attack traffic could involve denial of service and hacking attempts, as well as traffic from worms, viruses and bots. Almost 17 percent of this traffic comes from China, though the U.S. is a close second at 14 percent.

For more on Internet attacks:
- check out Network World article

ALSO NOTED: The CIO must think like a politician;Are CIOs facing pressure to trim staff?;

Thu, 31 Jan 2008 06:59:58 -0500

> The CIO must think like a politician. Article
> Are CIOs facing pressure to trim staff? Article
> Four cases of data security breaches. Article
> Get paid for a job interview. Article
> Management gets the bulk of corporate training $$$. Article
> For CIOs: 10 free technology tools. Article
> Internet breakdown in Egypt and India. Article

And Finally... Watch out for the Valentine's Day worm. Article

Record year for email spam

Thu, 10 Jan 2008 06:59:58 -0500

Not that any CIO wants to hear this, but spammers ran rampant in 2007. And if you never saw any spam on your system, you had a great spam filter or you were very lucky. In 2007, spam accounted for a large percentage of email traffic, according to SpamStopsHere, a provider of e-mail security and spam filtering solutions. Phishing attacks rose dramatically, too. And spam got more sophisticated. In addition to just blanketing the Internet, spam culprits attached their worms in devious ways to MP3, Zip, Excel, Word and PDF files. There's a lot of surveillance that must take place to prevent this kind of infection.

One spam attack involved the Storm Worm, which claimed to have information about storms. The spam was so effective that experts say the number of PCs infected by Storm Worm could reach 10 million. So what's a CIO to do? Well there is the usual stuff. Train your employees to be wary of strange email, get a strong spam filter and just hope that 2008 will be the year that spam is finally contained and conquered.

For more on growing spam attacks:
- See this press release

McAfee: Microsoft Visa a security risk

Mon, 19 Nov 2007 06:59:59 -0500

Are you worried about Microsoft Vista's security? You probably should be. Criticism of Microsoft's latest Windows operating system has been common, especially with regard to security. Now McAfee, an intrusion prevention and security risk management company, has identified Vista as one of 10 pending security threats in the coming year. Vista was not alone on the list. CIOs need to sit up and take note about all of these warnings.

The other threats include continued distribution of malicious software and data mining of personal information through popular online applications such as MySpace and Monster.com. Increased proliferation of Storm Worm, a malicious program that began infecting computers in January 2007, remains a threat. And don't forget viruses spread through Instant Messaging programs. What CIO does not have Microsoft Vista in his shop or plans to get it as soon as the program expands? It may be a big issue for every CIO system in the coming year. And we would like to know what you are doing to make sure your Vista system is protected--let us know in the comments.

For more on Vista headaches:
- See this CNNMoney article

Hack attack alert

Mon, 22 Oct 2007 06:59:59 -0400

Most CIOs realize that hack attacks are becoming more sophisticated. The days of throwing up a firewall to fix a problem are over. And it's less common now for attackers to break in through the front door. It's becoming more likely that an end-user will launch a worm or bot that causes an attack. It's not that hard; a hacker can send 100 spam e-mails to a company and get one lucky hit. So if you are working on your company's computer security strategy, pay at least as much attention to client-side protections as you do the hacker's old habits.

For more on tech threats:
- check out this InfoWorld article

Tech storage grows up Hack attack alert Why consultants get axed Tech storage grows up

Mon, 22 Oct 2007 06:59:58 -0400

For more on tech threats:
- check out this InfoWorld article

Sometimes a CIO has to bring in a tech consultant to upgrade a system. It might happen when there are no people in the IT shop who can handle the task. But there is always a risk in doing this. The consultant may not be on time, the job may be far more complicated than expected, or the consultant and CIO may not be on the same page for efficiently achieving success. In order to protect your company, make sure you have a way out when hiring a consultant. Know who you are hiring and, if at all possible, bring in a trusted consultant that you've worked with before.

To read more on why consultants get axed:
- see this Baseline article

Data storage is becoming more sophisticated. The use of a rotating magnetized disk is receding, and taking its place are solid state drives (SSDs), sometimes referred to as flash drives. They use no moving parts. SSDs are changing the way CIOs view storage for workstations and data centers. Once packaged, these drives are no different from platter-based predecessors as far as interface controllers are concerned. The key difference is the lack of moving parts, and advancement that will deliver an immediate result: data access is near instantaneous.

For more about storage:
- see InformationWeek article

Phishing for presidential candidates

Mon, 15 Oct 2007 06:59:59 -0400

This year's presidential candidates will be facing the same kind of hack attacks that commercial websites are facing. Just how many of these candidates have CIOs on board? There are probably very few. But it is an idea that they might consider, as the threat to a candidate's online contributions gets bigger with attacks such as phishing, which can worm their way onto a site and divert online contributions to an opponent. "The threat that poses the most danger now is what has posed the most danger in the past," said Oliver Friedrichs, the director of Symantec's security response team. "Phishing is the most significant problem now, and it has the potential to disrupt campaigns or even competing campaigns." There are plenty of other headaches too. Hackers could pose as the real deal in order to harvest contributors' credit card and bank account numbers. In 2004, only two phishing attacks were identified. Both attacks targeted Democratic presidential candidate John Kerry. But this time, experts say the 2008 campaign will see a much larger number of election-oriented phishing campaigns. Do you think every campaign needs a CIO to help them out?

To read more:
- see this InfoWorld article

Windows Worm spreading via Skype

Mon, 10 Sep 2007 06:59:55 -0400

Batten down the hatches, VoIP fans: there's a new Windows Worm in town and from the looks of it, it's spreading itself via Skype. Apparently, clicking what appears to be an image link in a "cleverly written" chat message downloads the w32/Ramex.A virus to your local hard drive. Once the file is executed, the user's machine can be taken over and controlled remotely via Skype's API. More details on the worm are available from Skype's Blog.

Storm worm masquerades as patch, storms on

Thu, 12 Apr 2007 20:01:38 -0400

A new variant of the dreaded "Storm Worm" is hitting inboxes around the world, disguising itself as a fix for infected PCs. Users receive an email with a subject line like "Virus Activity Detected!" Upon opening the email, the user is greeted by a password-protected .zip file that contains the "fix," which is, actually--you guessed it--the virus. Upon making its home as a rootkit on the local hard drive, the virus connects to a private P2P network and downloads updates, possibly to lay the groundwork for a future attack. The virus can be a bit tricky to filter through email, as it apparently uses randomized file names, passwords and subject lines to evade detection. Just be sure that your users know well enough not to install any "patches" they receive via email.

For more on the worm:
- see this ZDnet article