Patching

A Pertinent Reminder on the Importance of Patching

Posted by admin on December 02, 2011
Patching / Comments Off

Tim Rains, a director of Microsoft’s Trustworthy Computing group, revealed earlier this week that “between one-third and one-half” of all attacks detected and blocked by Microsoft’s security software from the beginning of July 2010 to the end of June 2011 were Java-based. Microsoft’s anti-malware technologies blocked more than 27.5 million Java exploits over a 12-month period, many of which had been patched at least a year ago, Rains said.

This data supports the idea not only that users are slow to apply patches but also that many users never apply patches at all. The fact that hackers and cyber-terrorists continue to target vulnerabilities that have long been corrected speaks volumes about the number of users who are ignorant of or indifferent to the dangers. Part of the reason Java-based attacks have become so common is that Java is a nearly universal application across all platforms and devices. Oracle, Java’s parent company, reports that the application currently runs on over 3 billion devices.

While many security experts advise against the installation of Java in a corporate environment, at the very least regular updates need to be scheduled and user awareness of potential threats needs to be made a priority. Because of the nature of Java, attacks can come in the form of websites, email attachments and even code hidden within other software installers. In most offices Java shouldn’t be a necessity for the majority of users, and if it’s not, always consider that the less software installed in a browser, the less likely an attack will be successful.

Because of the wide array of potential infection points and the prevalence of Java across operating systems, system administrators and users should update Java regularly and be diligent about the updates. Additionally, as 64-bit operating systems become more common, users and admins should pay extra attention, as some systems may be running different versions of Java within a single environment.
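
A check for the mixed-version situation described above, as an added example that is not part of the original post: a PowerShell inventory of the Java runtimes registered in the 64-bit and 32-bit (WOW6432Node) uninstall registry views of one Windows machine. The `Java*` display-name filter is an assumption about how the installer names its entries, and runtimes unpacked without an installer will not appear.

```powershell
# Added example: list Java runtimes registered in both registry views.
# Run from a 64-bit PowerShell session on a 64-bit OS; a 32-bit session is
# redirected to WOW6432Node and would see only the 32-bit entries.
$views = @{
    '64-bit' = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    '32-bit' = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
}

$found = foreach ($view in $views.GetEnumerator()) {
    # SilentlyContinue: the WOW6432Node path does not exist on a 32-bit OS.
    Get-ItemProperty -Path $view.Value -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'Java*' } |   # assumed name pattern
        ForEach-Object {
            [pscustomobject]@{
                View        = $view.Key
                Name        = $_.DisplayName
                Version     = $_.DisplayVersion
                InstallDate = $_.InstallDate
            }
        }
}

if (-not $found) {
    Write-Output 'No Java runtime is registered in either registry view.'
}
else {
    $found | Sort-Object View, Version | Format-Table -AutoSize

    # More than one distinct version means at least one copy was missed by
    # the last update (for example a 32-bit runtime left beside a 64-bit one).
    $versions = @($found | ForEach-Object { $_.Version } |
                  Where-Object { $_ } | Sort-Object -Unique)
    if ($versions.Count -gt 1) {
        Write-Warning "Multiple Java versions installed: $($versions -join ', ')"
    }
}
```

Compare each reported version with the current release from the vendor; the script only shows what is installed, not whether it is up to date.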

- Richard Keene
IT Computer Support of New York
Design and Optimization Department


A Retrospective Look at Malware

Posted by admin on April 07, 2010
Patching / Comments Off

Computer viruses and malware may seem like a relatively modern concern, but malicious software has existed since the early days of computer hardware. In recent years the media has played a large role in public awareness of malware, with more frequent reports on the latest cyber threats. An even greater contributor to the increased awareness is that computers now permeate every aspect of modern life. With that increased awareness in mind, we offer a glimpse at some historical malware that set the framework for the threats of today.

1947 – A Bug in the Machine: The very first instance of external system failure was not caused by software at all. In 1947 a Harvard researcher reported a system failure caused by a moth trapped in the system. The term “computer bug” stuck and has been used ever since.

1971 – Catch Me if You Can: The first virus created with mischievous intent was the Creeper virus. The Creeper virus was detected on ARPANET, a US military computer network which was the forerunner of the modern Internet. Systems infected with the virus would display the message ‘I’M THE CREEPER: CATCH ME IF YOU CAN.’

1981 – Apple Catches a Worm: In the early 1980s the Apple II computer was king, and its success set the stage for the first widespread virus. The Elk Cloner virus infected the boot sector of Apple II computers and spread when a blank uninfected disk was inserted. The virus delivered a payload of rotating images and messages and would impede performance. Two years later the term ‘virus’ was coined to represent self-replicating computer programs.

1987 – Seek and Destroy: The Vienna virus is notable for two reasons. First, it was the first computer virus that was created to destroy computer data instead of as a joke. The virus spread around the world and was the first threat to attract major public attention. Second, shortly after its appearance technician Bernd Fix succeeded in finding a way to neutralize the virus. This was the first precursor to the modern antivirus.

1990 – Polymorphic Spree: The Chameleon family of computer viruses was the first instance of a virus that would change and adapt every time it infected a new computer. Chameleon did not have a permanent source of code, which made the creation of a reliable antivirus a high priority.

1998 – Broken Windows: Virus attacks on MS Windows, MS Office and various network applications ran rampant and allowed thieves to gain access to passwords and control computers remotely. Infections grew to the point that The New York Times ran an article late that year to warn users about threats that would now spread by email.

2003 – A Global Affair: Two global internet attacks were broadcast in 2003 that would be called the worst in the history of the internet. The Slammer and Lovesan internet worms spread fast and made use of vulnerabilities in MS SQL and the RPC DCOM service working under Windows 2000/XP. The worms revealed just how vulnerable the Windows operating systems were and put nearly every internet user at risk.

2009 – A Fool in April: The Conficker computer worm attracted more media attention than almost any malware program in history and prompted the attention of Homeland Security. The Conficker worm spread quickly and has resulted in an estimated 12 million computer infections worldwide. Since its creation the Conficker worm has evolved into five different versions and remains a threat even today.

Now – Back to the Future: It is unlikely that computer malware will cease to be a problem in the near future and so it’s important now more than ever to be prepared. Prompt security patches combined with a strong antivirus and firewalls are a necessity to protect your systems. Learn from the past and you can be protected in the future.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department


Top 10 Patching and Backup Tips for a Secure Office

Posted by admin on March 04, 2010
Patching, back up / 1 Comment

Office network security should be among the top priorities for all office managers. Over the last three years there has been a steady increase in the number of reported cases of data loss caused by system breaches and negligence. As the information technology costs of business increase, it’s important to be aware of potential problem areas and find ways to address them. These ten tips can help you begin your search and help build a proactive and secure office.

10. Install a strong first line of defense. Not all system attacks are related to newly discovered program vulnerabilities. A strong firewall/router can make all the difference when it comes to protecting your system data. As information filters through your firewall you can get a clear picture of potential problems and stop many threats before they ever reach your systems.

9. Keep your antivirus up to date. Antivirus software is one of the strongest forms of defense against virus and malware threats. The problem that many businesses don’t address is that if your virus definitions are not kept up to date, it’s possible that new viruses and exploits will still get through.

8. Plan for expansion. When it comes to backup solutions many businesses look no further than the present. This nearsightedness will result in long-term complications as the data needs of the company grow. If your storage space starts to run low you may find that you are unable to back up your data as often or as completely, which will put your company at great risk.

7. Expand data storage as you need it. With traditional storage systems, when storage capacity reaches its limits you would be required to purchase a whole new tape library, but this upgrade stress can be alleviated. A great way to back up data is in a Virtual Storage device. With a virtual storage solution your storage capabilities can grow organically over time. As an added benefit, Virtual Storage solutions make it possible for a single user to administer thousands of terabytes of data efficiently.

6. Establish monitors. Roughly two thirds of the threats that plague businesses happen internally, either out of spite or negligence. Monitor the resources that your employees have access to and ensure that nothing is amiss. Crucial data should not be accessible by general employees, and if it must be available to a large number of users, make sure it is also regularly backed up to a secure location.

5. Automate your backup. Backing up data isn’t hard but it is easy to forget. All network data should be systematically backed up and stored securely through an automated process. A single person should be designated to check on the status of the backup data regularly. Nothing is worse than a false sense of security.

4. Plan for recovery times. A strong backup system is a great first step but it’s also important to plan ahead for what it means to fall back on one. Data recovery from disk-based storage is often slow and cumbersome. Make sure that if you need to recover you will have adequate time to do so.

3. Shut down unused services. Modern computer systems ship with numerous programs that are not only unnecessary but could also harm your computer if not used correctly. Ensure that you know of every program running on your computer and what each of them does. It’s better to do a little research than to have an unnecessary hole in your system security.

2. Plan for the worst. Eventually, something will go wrong. Test your backup and antivirus solutions regularly. Look for weaknesses in bandwidth limits, network delays and the potential for human error. An untested backup solution is as bad as no backup solution. Not only does it have a high chance of failure but it also gives a false sense of security. Ensure that if your data fails your company won’t fail with it.

1. Facilitate a regular patch schedule. This might seem obvious but it really is the most important step in the protection of your office. New software and operating system vulnerabilities are discovered all the time, and if you don’t have a system in place to apply patches, your network is at risk.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department


Don’t let Cybercriminals Ruin the Holidays: Patch System Vulnerabilities

Posted by admin on December 11, 2009
Patching / 3 Comments

The holiday season is a popular time for cybercriminals to stage attacks against business computer systems. With employees distracted by more important things and holiday media circulated freely, cybercriminals are often given free rein to cause disruption and damage. Patching system vulnerabilities is a low-cost solution that can save a business thousands of dollars in damages in the long term.

The number of reported vulnerabilities has been on the rise for the last few years and reached over 3000 reported cases in 2008. With businesses’ high dependence on computer servers, the increase in vulnerabilities should not be a surprise. What is a surprise is that most businesses do not take the steps to protect their system infrastructure.

Patches are typically released shortly after a system vulnerability is found but often go unnoticed by the majority of users. The problem is that system administrators often consider the patch process too complex, too time-consuming or not important enough. Additionally, many feel reluctant to apply server patches because of the chance that they will interact poorly with a system’s current hardware configuration. For these reasons it is ideal to have a system in place for periodic system backup and patching.

The importance of patching is made most apparent by the amount of damage that can be caused by the failure to do so. An exposed vulnerability on a single computer system can reveal information about all aspects of your business and cost hundreds of thousands of dollars in lost information. If an intrusion attempt is made on your server, then this loss or damage is multiplied by the number of connected systems and the cost grows geometrically. Suddenly, the minimal cost of a patching solution doesn’t seem as great.

The capabilities of system intruders are increasingly sophisticated and at the same time easier to obtain. In most cases an attack will target a single vulnerability. For this reason system intruders monitor security breach announcements diligently and, once one is revealed, attempt to replicate it. This is why ITCSNY recommends the installation of Critical Updates (Patches) shortly after their release to ensure optimum security, uptime and performance.

- Richard Keene
IT Computer Support of New York
Design and Optimization Department
