Scandal shocks business world
By Avi Cohen
Published: 29.05.05, 19:27
9 Talkbacks for this article
1. trojan horse indeed..
a reader ,   israel   (05.29.05)
I guess next time they should beware of Geeks bearing Gifts...
2. Update AV and firewall should protect you
Robert Goldman ,   cooper city Florida   (05.30.05)
If your company's IT guy/gal hasn't been updating the firewalls and the virus protection, it is now time to replace that person, who actually hacked their way into your company themselves by not being what they say they are: professional... All software that accesses any part of your PC and/or network should show up on the security monitor, and no one outside of the IT guys should be installing software at all. But then we come to Moronis offices, the twit that just has to open every email they get even when told not to... Anyone need a good IT GUY?
3. Wrong. You obviously have NO clue about your business!
Joe ,   Salzburg, Austria   (05.30.05)
First let me say that I am responsible for the Firewall / AV Solutions / IT Security of a big European company. We employ hundreds of computer programmers who have to be able to install their own programs. There is no way for me to detect an unknown virus/Trojan and I don’t have the time or the resources to deploy state-of-the-art intrusion detection mechanisms, though the battle for being allowed to deploy a NIDS is not yet lost completely (there has to be some incident first in order to get my CIO to grant me further funding for security). That having been said, you call me and my equals - who were not able to detect an unknown virus - unprofessional? I call you ignorant, arrogant and utterly clueless about real world computer security. Have you read the "Tao of network security monitoring", "Know your enemy", "the art of deception", "Stealing the network: how to 0wn the continent", "Silence on the wire", "Practical UNIX and Internet Security", "Secrets and Lies", "Exploiting Software: How to break code" et al.? I read these books in my spare time but lack the resources to employ all the theoretically available techniques that exist today. Tell me, how do you manage perfect security for thousands of users without the proper resources? Who tells you that the admins at those companies were better off than I am? Then again, why did you say you were currently unemployed? From : Since the virus was adapted for each client's purposes, it was not detected by information security systems. Edelman said, "This is not a common software that anti-virus software makers have had to fix."
4. Just don't use the PC with admin privileges
Ofer Hadas ,   Holon, Israel   (05.30.05)
The most common way for people to get infected by trojans included in email (or CDs that execute automatically) is by doing everyday work with admin privileges. When something doesn't work without privileges, the solution is to give the user privileges. Of course the privileges are then also granted to anyone sending an attachment to the user etc.
5. To Joe, Salzburg
David ,   Karmiel   (05.30.05)
Yep, you are right. The hackers and the virus creators are always 1 step ahead. You can make as many laws as you want but the hacking world is always there in advance.
6. Guys, the best way...
Mikhail Krymsky ,   Moscow, Russia   (05.30.05)
protect the PC against viruses, spyware etc. - Safe'n'Sec. Do you know this program? We tried to execute many malicious .exe, modify the registry or system files, connect the test PC to the infected LAN - SNS blocks every attack. And it doesn't need antivirus bases because it controls actions, not files. Very cool, I recommend :)
7. not only AV & Firewall
anonymous ,   USA   (05.30.05)
There should be an information security team employed at each company scanning the network constantly for unknown and/or malicious applications; even with the most updated AV software, once an employee is inside the firewall, they can pretty much do anything they want if they have domain admin rights (which most IT ppl do).
8. Time to learn new preventive technologies
Vadim ,   Kiev, Ukraine   (05.30.05)
Well, I agree that commonly used antiviruses do not help against unknown Trojans, because they employ signature based identification technology, i.e. zero-day viruses and Trojans get through easily. NIDS may not be very efficient also, because often, like in this particular case, users launch malware themselves from their local hosts. That means that protection of local hosts against yet unknown malware is what you need. And such preventive solutions based on innovative proactive technologies do already exist. There should be several at least, I know two for example: Panda’s TruPrevent and StarForce’s Safe’n’Sec – try both to get familiar with what options such technologies provide. By the way, a really preventive solution is also efficient against new threats like this:
9. get real
@7: As if every company can afford that. No, the CAUSE should be tackled: unsecure OSes. Some OS allows many kinds of secret code-executing. Etcetera.