Preparing for the Coming Storm

It’s comforting to read those security threat level indicators that inform us that the threat from malware attacks is currently low. Unfortunately there are blind spots in early warning systems. They’re based on intelligence rather than real intent. The reality is that we don’t know when a big attack is likely to strike. It could be tomorrow or might be next year. It’s easy for users to become complacent about threats when newspapers aren’t carrying scare stories. But the indications are that something big might be brewing in the pipeline. And we aren’t doing anywhere near enough to educate our users and customers.

For those of you who haven’t been tracking the steady progress of the Storm worm, I’d recommend reading Bruce Schneier‘s recent analysis in Wired. It’s claimed that up to 50 million PCs might have already been infected by this agile piece of malware, perhaps making it more powerful than the world’s fastest supercomputers. And we don’t know who’s behind it or what they are planning – unless we get lucky and they get caught. Storm is a glimpse of the future of malware. It’s dangerous and difficult to stop. Education is the key to reducing our exposure. So with Christmas looming and a flood of e-Cards and mail shots about to hit everyone’s in-trays, it’s time to raise those security awareness levels.