Security Think Tank: Flame – proceed with caution

What can an organisation do to protect itself from malware such as Flame? One area is maintaining vigilance though imparting awareness of the issues among staff.

Download this free guide

3 key web security guidelines from FS-ISAC

We address the ongoing issues regarding web security for businesses relying on an online presence. Download this e-guide and discover how to identify and address overlooked web security vulnerabilities as well as why you should look at the full security development lifecycle to reduce web threats.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

• • I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

  Please check the box if you want to proceed.

• • I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

  Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

As with any awareness initiative, it must be continuous, not a one-off exercise. 

Such an awareness initiative must caution staff about the use of USB devices, as that is one route that malware such as Flame can enter a company's systems. For example, warn staff that only company-issued USB devices may be connected to a company PC. 

Another is about opening attachments or clicking links in e-mails from unexpected sources (are you expecting a file from a mate? No? Be cautious, call the mate and confirm before opening), manually type a URL in a browser and not click a link, be cautious about the use of shortened URLs and if in an e-mail from an unknown source, don't use. 

Be vigilant about network and server resources as high CPU or disk loading or heavy internet traffic outbound or poor network response at times of the day when not expected – these may be the only indications that your systems have been infected with malware such as Flame.

Other things a company can do is to better utilise the functionality available in operating systems, particularly for USB port control, and to put together comprehensive firewall rule sets that control outbound traffic as well as inbound traffic (e.g. only open specific outbound ports from specific machines such as proxy servers).

Peter Wenham is a committee member of the BCS Security Forum strategic panel and director of information assurance consultancy Trusted Management.