Indonesian Political, Business & Finance News

Exhausting ordeal when worms attack!

| Source: JP

Exhausting ordeal when worms attack!

Vishnu K. Mahmud, Contributor, Jakarta
vmahmud@yahoo.com

The past few weeks have been exhausting for IT departments in
Indonesia. After the recent enactment of the Indonesian
Intellectual Property law, which caused many corporations to
scramble to ensure compliancy, an Internet worm attacked
computers worldwide.

The "MSBlast" worm, which reached its peak on Aug. 15, caused
many PCs and servers to be rendered practically useless.
Targeting Microsoft Windows operating systems, the worm had
managed to exile computer users from their documents, programs,
networks and the Internet. Those using the Linux operating system
or Apple's Unix-based Mac OS X were not affected.

MSBlast was followed by another worm (dubbed Welchia, which
ironically was created to target computers infected with
MSBlast), a virus (Sobig.F, which sends out spam that clogs up e-
mail systems) and an announcement of yet another vulnerability in
Microsoft's Internet Explorer web browser application.

All in all, nearly a million computers worldwide were
infected, including those at an American nuclear power plant, the
Air Canada national check-in counters, the U.S. Navy intranet
systems and the Maryland Department of Motor Vehicles, to name
but a few, not to mention countless small and medium business
enterprises.

Microsoft, to its credit, had issued a software patch to
protect against the MSBlast-type of threat in July but many users
either did not know or chose not to install it. During the height
of the worm infection, users couldn't even access the Internet,
let alone download the patch. In one case, a Jakarta-based IT
consultant had to ask a friend to download the software for him,
on a Red Hat Linux machine!

Many companies had to take their network offline in order to
clean and patch the systems. Business came to a near standstill
as documents and e-mails could not be created or sent. It seems
that computers are no longer communications tools to be used for
business but are actually the lifeblood of the company. It seems
that we have gotten so used to using these tools that we have
forgotten how to do things the "old-fashioned" way, such as using
manual typewriters and faxes, which are admittedly slower but
still effective.

What worries IT analysts the most is not that the world has
survived these latest computer attacks, but what virus coders
could do in the future. The fact that MSBlast can infect a
computer without users double-clicking an e-mail attachment,
which is usually how viruses or worms attack, opens a new era of
virtual assaults.

How can we avoid this in the future? The basics still apply:
back up your data, patch your computers early and often, and
secure your computers with antivirus software with the latest
viral signatures. Considering the effectiveness of MSBlast in
entering computers via the Internet without any user interaction,
a firewall is highly recommended, especially for those with
computers constantly connected to the Internet.

Download.com (www.download.com) has an abundance of firewall
programs (some free, some for a small charge) that can be
installed on your personal computer. Some of the more popular
programs are Norton Personal Firewall, BlackIce Defender,
ZoneAlarm and Sygate's Personal Firewall. Corporations should
consider high-grade firewall solutions from Cisco or Computer
Associates.

Microsoft Windows has a built-in Windows Update feature that
informs users of the latest security patches. Activate it to let
you know what patch is available and for what purpose. You can
then decide whether you want to install it or not.

Businesses should also consider diversifying their operating
systems. As shown in these latest attacks, having a homogeny of
computer systems could cause problems if they all go down. It may
be a good idea to use different systems (such as a Linux box or a
Mac OS X computer) in certain departments, which could be used in
case of emergency.

One story floating around the Internet showcased how a man,
who fought the IT department tooth and nail for an Apple
Powerbook laptop, helped his company grab two important contracts
when all the other computers were offline. A working computer and
a phone line was all it took.

But perhaps the most important weapon against this new form of
cyberterrorism is information. IT Managers and even regular
computer users should keep up with the latest news in the IT
world. CNN's IT section (www.cnn.com/tech) and CNet
(www.news.com) are great places to start.

People who drive cars or use heavy machinery are trained and
licensed. Although computer users do not need to be registered,
if you consider the amount of damage a PC can cause to the
Internet these days, you would want at least to keep ahead of the
game.

View JSON | Print