BT innoculates global IT systems against worms

BT is to roll out advanced technology to protect its global management networks from computer viruses, which have the potential...

BT is to roll out advanced technology to protect its global management networks from computer viruses, which have the potential to severely disrupt telecoms and data services.

The telecoms operator plans to "innoculate" more than one million servers and desktops used to manage its external voice and data services and internal IT systems by the end of the year.

The move follows growing concerns that "zero day" worms, which exploit vulnerabilities before suppliers develop patches, could cause severe damage to businesses.

"We want to protect our management network, used for managing IP, data, public switched telephony and switches. This is a mission-critical network - our crown jewels.

"If it were infected, that would have a very heavy impact on our ability to provide services," said Dave Harcourt, BT security manager.

BT has worked with supplier Arbor Networks to develop a system, called Peakflow X, which scans the network and uses firewalls and switches to block the spread of a worm.

The combination of hardware and software will allow BT to continue using its networks if machines are infected by worms that get past perimeter defences, or that infect unpatched machines.

The system identifies infected machines so that they can be cleaned and restarted.

"You cannot rely on every host being protected when you have as large a network as we have. We have a lot of third-party contractors and controlling the build on every host is difficult," said Harcourt.

BT, which is investing "several hundred thousand pounds" in the technology, said it would recoup its costs if the system was able to limit a single worm outbreak.

"From an industry perspective, many people had problems with Slammer. Corporate networks were lost for two days or for up to a week," said Harcourt. "If Peakflow proves effective at stopping something like Slammer, then that one worm will pay for it."

BT plans to deploy the systems across its worldwide internal Unix and Windows networks, following a nine-month development trail on a business-critical network the UK. 

How worms affect UK businesses    

  • Virus and worm attacks were responsible for the most serious security breaches experienced by two-thirds of UK firms last year 
  • The damage caused by virus and worm attacks ranged from a few hours' disruption to major loss of service for a month or more 
  • Half of UK businesses suffered virus and worm attacks or denial of service attacks last year 
  • The Blaster worm was responsible for one-third of infections in UK firms, and more than half in large companies 
  • On average, the worst security breaches cost businesses between £7,000 and £14,000. For large companies, the cost was between £65,000 and £95,000. 

Source: Department of Trade & Industry Information   Security Breaches Survey 2004

Read more on Hackers and cybercrime prevention