So you scanned your system after hearing all this talk and alerts about this “serious threat” and now you’ve found something suspicious and you’re wondering what to do. Well, it’s not that you had blocked it nor was the system fully patched and the doors closed, it was already on the system and has already done its rounds of spreading and attaching itself to critical areas of the system. This kind of threat isn’t the kind that you can rest comfortably with (well I can’t/don’t) and I wouldn’t feel comfortable knowing that it is on a network of someone I converse with.

I mean, things do happen but there should be due diligence in your system security best practices and how they are handled prior to an issue like this.

Now comes April 1st and you’re wondering, oh my God, what am I going to do?

Well, you’re about to be activated and who know what your command, effects and impact will be.

I hope that this is more of a hoax than what I have concluded from my own personal analysis. Maybe it’s time you start being more proactive than reactive.

We’ll just have to wait and see.

IT Security IS a people problem, not an industry one.

The IT Security Attaché

When CBS’s 60 minutes ran the story on Sunday March 29^th at 7pm, it’s as if the world woke up to the realization that this is serious. The very same words and things I have been telling people didn’t resonate until they heard and saw it on 60 minutes. Wow, and you wonder why the state of our security is so weak and poor, people don’t know who to listen to nor trust in these matters. So now I am talking to the same people who I talked o a year ago about the importance of properly protecting themselves from these risks and why it is needed today.

One person call me and was saying, “hey Brett, did you watch 60 minutes and see that new worm they are talking about. Man that’s serious isn’t it?”

So now i’m sitting on the other end of the line going, huh, are you serious, this is the same thing I have been talking about for years and trying to get you to understand, this is just a named threat but a threat none the less with a more sophisticated architecture and attack vector. It’s amazing.

I had more people asking which anti-virus software can stop this threat than what is this threat really about. This is one of the issues I have with a scenario like this because people need to take the time to learn and understand more about the threat and how it proliferates so they can better help to prevent the infection or spread even if they have security installed and running on their systems. We need more educated people to help maintain a strong wall of protection against the spread of these threats/risk via the internet today and tomorrow. Learn, get the facts, understand the need and activate the common sense.

Guess what, you’ve been activated. You’re now more alert, more intrigued, more prone to fighting these issues because it is in your backyard and you MUST DEAL WITH IT. How you decide to handle yourself is another issue.

I hosted an IT Security Webcast on March 22^nd and 5 people who declined to attend the session via the event invite on Facebook ended up with some form of infection two days later.

When asked how they got it, I was told,

I’m not sure or I don’t know.

The reason for declining my invite was that they have anti-virus on their system to protect them so they are ok and good to go.

What can I say?

Many will fall under these kinds of issues because they think they are good to go and not needing to learn or know more about how to protect themselves online. While they rest assured that they are protected by their AV client they still practice bad browsing, file sharing, file cracking, key generation and illegal software downloads everyday which gives systems access to these hackers via backdoors.

The next time you decide to download a keygen, password generator, cracked file, music from unknown people/sites or browse a website from an IM someone may have sent you, think twice about what you’re doing to your system, yourself and those you share and converse with. Support the developers and buy the apps. Get the real code.

The next time you decide to click ok on that pop up window without reading what it says while browsing, think again and take a minute to read it.

The next time you decide to open that chain mail and click on the link, hey, hey, hey, watch out now. You may know and trust the sender but do you know if he/she really sent it?

When in doubt, reach out.

And so we wait for April 1^st to see what Conf*ker will do to those systems already under its control.

What are you doing about it?

The IT Security Attaché