Thought for the day: Virus writers enjoy public holiday releases

Christmas comes but once a year but that will not stop the hackers, so users must ensure that all their anti-virus defences are...

New Asset  
Christmas comes but once a year but that will not stop the hackers, so users must ensure that all their anti-virus defences are fully effective on a 24x7 basis, says Mike Fenton





Most companies’ internet security policies have a potentially fatal flaw: they rely on long-suffering IT staff to run updates and install patches. Your staff may be good and they may be hard-working, but they are also people and they need a day off now and then.

Whatever you may think of virus writers, some of them are very good at picking up on opportunities. They know when companies are at their most vulnerable and exploit this by carefully timing the release of new viruses to happen at weekends, overnight or on public holidays.

For example, the Bagle virus was first spotted earlier this year on Sunday 18 January. It was released over the weekend, which caught out many companies and left anti-virus suppliers scrambling to get updates out on the Monday. The virus’s release also appeared to be timed to coincide with two public holidays: Martin Luther King Day in the US (the following day) and Chinese New Year.

Although IT staff may not be at work outside office hours, their PCs may still be online and home users will also have their PCs on, so there are plenty of computers connected to the internet to spread the virus.

In most companies there is always someone putting in overtime in the evening or at weekends, so your network is vulnerable before the IT staff realise there is a problem. By the time they do, it may be too late.

From an installed base of about 5,000 security appliances, Network Box tracks viruses. An average week reveals between 300 and 400 viruses for each appliance and, although this drops to about 200 per appliance at the weekend, the volume is still significant.

There are viruses knocking at the door of your network 365 days a year, Christmas or not.

So what can the poor, overworked IT manager do to deal with this? Realistically, only the biggest companies are able to provide 24x7 IT cover to update virus protection, and even then holidays, staff illness and unforeseen demands can make it difficult to be on top of security at all times. For smaller firms, IT cover is inevitably some way short of 24x7.

One option is to outsource security, but many companies prefer not to choose this route. When we questioned UK IT managers earlier this year, the survey found that nearly 70% said that managing security was complex and time-consuming, but only 40% of respondents said they would consider outsourcing this function.

If you are handling security yourself, make sure you select products and suppliers that handle as many of the maintenance chores as possible automatically, without the need for user intervention.

Scheduled updates are essential and some suppliers can push the latest anti-virus signatures (files that identify the defining characteristic, or signature, of a virus) out to their customers’ hardware and software.

This ensures that their protection is as up-to-date as possible.

Finally, there is no substitute for well-educated users. Internet security threats increasingly rely on social engineering and naive users clicking where they should not.

Keep your users informed about what is allowed and what is forbidden, and you will have a fighting chance of keeping viruses away from the company Christmas tree.

Mike Fenton is director of managed internet security appliance supplier Network Box

Read more on Antivirus, firewall and IDS products