Monday, November 7, 2011

Stuxnet's Spawn Increases Widespread Cyberthreat - Viral Adaptation And Accelerated Evolution

Share this ARTICLE with your colleagues on LinkedIn .

Increasingly sophisticated malware (mostly of the trojan horse and worm varieties) is propagating and evolving in terms of sophistication at an incredible rate. These forms of malware are increasingly targeting small to middle-sized businesses which might be more vulnerable to attacks. Many of these are designed specifically to commandeer all of the systems and functions which are subject to the infected computer's control, including utilities (like HVAC, lighting, auto-locking physical security doors and zones, tracking of personnel, communications with other data systems and the like).

The following common sense precautions might prove helpful, but (lamentably) offer no certain guarantees:

1) Thoroughly screen any surfing activity, email and downloads with anti-viral and anti-malware defense sytems.

2) Do not install any new computers, peripherals, components, drives or programs which have not been thoroughly virus and malware tested. The items are frequently infected before they have even been packaged for sale. Don't be given a false sense of security because of unbroken shrinkwrap.

3) Run systemwide anti-viral and anti-malware checks with increasing frequency.

4) Maintain vigorous controls over employee outside access to internal systems.

5) Password-protect all computer access. Passwords must be algorithmically changed periodically.

6) Sensitive data should be encrypted.

7) Important information should be backed-up off-site with increased frequency.

8) For key physical security functions, manual override systems must be put into place, with their keys, codes and protocols kept in the hands of a limited number of very trustworthy individuals.

9) Limit access to critical data via mobile applications - they have increasingly become the targets (and portals) of malware and spyware attacks.

The excerpt which follows comes to us courtesy of a ZDNet newsletter, and it makes for excellent reading.

Stuxnet 2.0? Researchers find new 'cyber-surveillance' malware threat
Symantec warns of a new high-end Trojan that's "nearly identical to Stuxnet" but notes that the malware has a completely different goal.
More coverage:
  Which is the most popular malware propagation tactic?
  The greatest security vulnerability: You
Increased vigilance is the Human key to the threat of data dnd communications breaches by ever-more-sophisticated forms of subtle, but incredibly powerful malware. Computer dependencies must also be counter-balanced with manual systems having the potential to override computer controls which may be subject to hijacking.

Douglas E Castle and

Blogs And RSS Feeds
by Douglas E Castle

No comments:

Bookmark and Share