Security
Security - Media View vs. Real World
Security - Media View vs. Real World
Security issues tend to come and go with unnerving regularity. The media talks about some huge security issue today, in a few days a patch is released and by the end of the week it's all forgotten about and the media are onto the next thing.
This is security from the viewpoint from "media land", where the goal is to cover the topic de jour and then move onto the next thing. In the real world things are very different. Let me give you an example.
Towards the end of January 2006 a new email threat came onto the scene called the Kama Sutra worm (you might know this by one of the many other names it goes by, such as Nyxem.e, MyWife.d, Grew.a, or Blackmal.e). This is a nasty piece of work that installs itself on systems and is then triggered to delete a variety of files on a trigger date which is at the start of every month.
The coverage timeline went something like this (I'm doing this partly from memory but also based on posts I made over on my PC Doctor blog at the time):
- 22 Jan - News first breaks
- 1 Feb - Removal instructions appear (by this point antivirus companies are all over it)
- 2 Feb - BBC News coverage
- 3 Feb - Trigger date
From this point on interest in this particular piece of malware waned and the media moved on to the "Next New Thing"™.
Problem is, this isn't the end of the story. This nasty piece of malware triggers at the beginning of every month and overwrites files (in particular Word and Excel files). When these files are then run, all the user sees is this message:
DATA Error [47 0F 94 93 F4 K5]
I've been fortunate to occupy the top spot on Google for this search term pretty much continuously since the story broke and this has allowed me to track searches based on this search term. Based on this one thing is clear - copies of this are still triggering monthly and I see a search spike every month of several thousand users a day for a few ways (I also get an inbox full of email from those affected looking for a magic fix for the deleted files - ). Even though the Kama Sutra worm is not talked about in the media any more, it's still hitting users, and hitting them hard.
The point I'm trying to make is this - just because the media has forgotten something doesn't mean that it's gone away. Vendors can patch vulnerabilities and every anti-virus product out there can be up to speed on the matter but that doesn't mean that everyone's magically protected. Malware, in particular worms and viruses, can have a very long lifespan indeed. I'll continue to track the Kama Sutra work and give you an update on whether I'm still seeing hits based on this in a few months.
The moral of the story, if it can be called that, is this. The media carries out a vital service when it comes to spreading the word about new security issues and vulnerabilities, but the effect is short-lived and people who haven't patched their PCs or installed proper security tools are on their own.
Adrian Kingsley-Hughes
Last updated: May 4th 2006
Print This Page |
Email me when this page changes
| Search This Site
- Fake Security Apps
- IE7: Low Rights
- Spyware Popups
- Media View vs Real World
- A Real Site??
- SP2 Info Bar or not?
- Google AutoLink Raises Eyebrows
- Unchecked Buffers
- Secure Disk Destruction
- Disabling UPnP
- Useful Security Products
- Vulnerability List
- 3 Steps to Protect your PC
- Safe and Unsafe File Extensions
- Browser Encryption
- How secure is that password?
- Double Entry Passwords
- How are passwords stored on websites?
- Passwords and Internet Cafes
- WEP Strong Key Generator
- WPA Random Key Generator
- Make Me A Password
- Choosing Good Passwords
- More on Passwords
- Viewing Images in Email
- 419
- Spam Uncanned
- More Spam
- Latest Spam Tricks
- Bogus Bulletins
- Spam & Ham
- Outlook Read Receipts
- New Norton for Vista
- Virus Alerts
- Virus Types
- Virus Hoaxes
- Live update Problem
- More Live update Issues
- Norton 2005 problem
Out Now!
Get ready to Build your own custom PC!
>> ORDER TODAY!!
|
|