Most of us are rather lackadaisical when it comes to protecting our PCs and networks against viruses. Simon Moores hopes some hard lessons have been learned this week.
I'm feeling a little jaded. My week began with an inbox full of viruses. One in particular, received six times, carries the message, "Attention: Immediate Action Required for MSN and Windows Messenger Users" and carries a little payload called "W32Minmail".
To add to my fun, there is even a message from the administrator of my own domain – which happens to be me – telling me that my e-mail address is about to expire and that I should “Read the attached message”. No thank you, because this one happens to be loaded too, according to Norton AntiVirus, which has safely quarantined it.
Now, I wasn't born yesterday but some people working in government IT may have been. This month, Brazilian hackers "visited" a number of local government websites and vandalised them with anti-government messages and digital graffiti.
The websites in question had failed to apply a "critical" web server patch for Microsoft's Internet Information Server - I won't say which one - which has been available for some time. The result, acute embarrassment at county hall and local e-government information delivered with rich Portuguese adjectives.
It’s a mess. A week ago, Blaster wreaked havoc and cost millions in terms of lost productivity. When you're not fighting the forest fires, you have to watch out for the booby traps that litter your inbox every working day.
Much of the time however, the damage is self-inflicted, in the sense that basic security in the shape of patches or antivirus software is freely available but the evidence clearly demonstrates that a significant percentage of the end users don’t bother.
As a message, advocating safe computing is about as effective as encouraging safe sex, because people continue to ignore the dangers of today’s computing environment, whether it’s teenage chatrooms, web server exploits or viruses.
All of us need to accept that we are living in a war zone and not the cosy new digital world we see advertised on television and seen on the shelves at PC World. People buy PCs like they buy PlayStations and televisions. A PC is seen as a commodity, which in this case, offers a window to a world of previously undreamed of possibilities and information resources.
But when people encounter internet crime, which is a regular fact of life on today’s information superhighway, it still seems to come as a surprise, rather like a well-known celebrity keeping £1m worth of jewellery in her home and expecting it to be safe in the Britain of the 21st century.
The reality is that we should be more zealous in defending our property. Perhaps a PC sale should start with the firewall and the antivirus software and end with the processor, instead of the opposite.
When SQL- Slammer appeared earlier in the year, I predicted that it wouldn’t be the first "firestorm" of 2003. Two really big incidents a year now seem to be the norm and perhaps we won’t see a repeat performance until the new year.
Blaster, however, could have been much worse and, like SQL-Slammer, it should have been a lesson to everyone, from IT director to silver surfer. Unfortunately, it won’t be. I can predict, once again and with some confidence, that within 10 months there will be another nasty surprise which, once again, will have BBC Breakfast worrying about the end of the world.
The internet will shudder for a while and millions of pounds will be lost as production servers are taken down and patched once again with code that has been sitting around for some time with "Critical Windows Update" written on the front in large red letters.
Let's be careful out there.
What's your view?
Were you ready for the latest batch of viruses? Tell us in an e-mail >> ComputerWeekly.com reserves the right to edit and publish answers on the website. Please state if your answer is not for publication.
Setting the world to rights with the collected thoughts and opinions of leading industry analyst Dr Simon Moores of Zentelligence.
Acting globally, Zentelligence (Research) advises governments, suppliers, business and the media on the evolution, application and delivery of leading-edge technologies and specialises in the areas of eGovernment and information security.
For further information on Zentelligence and its research, presentation and analyst services visit www.zentelligence.com