With Christmas approaching, experts are urging IT managers to be on their guard against viruses that exploit email users' seasonal goodwill. Recent virus infections suggest that many companies are still not adopting proper security procedures, despite repeated warnings.
So-called social engineering viruses are spread during occasions such as Valentine's Day, Easter and Christmas, when users are more likely to open email and attachments with alluring headers. Other social engineering viruses are designed to look like a response to an earlier sent email, or as though they contain something the recipient may have requested, such as a postcard, spreadsheet or other attached file.
Security companies warn that many viruses and other code written with a malicious intent, such as hacking tools, could target the Christmas holiday season.
Following the damage of May 2000's Love Letter virus, which cost businesses an estimated US$7billion through loss of data and downtime, businesses were urged to appoint specialist security managers to bolster technical and cultural defences. Experts recommended that antivirus software should be coupled with other protection, such as firewalls, to ensure security.
However, many new viruses, and variants of old viruses, are still infecting systems. Last week, antivirus firm McAfee placed a medium-risk assessment on the Badtrans B Variant, also known as W32/ Badtrans. Fellow antivirus firm MessageLabs said it had received an increased number of reports of the virus early last week and said that a significant number of corporate and home users were likely to be infected.
Baltimore's Mimesweeper Threat Lab has also warned firms to be on the alert for the W32.Aliz worm, which exploits a vulnerability in the Internet Explorer browser. The firm said that although the virus has been around since July and had been the subject of a Microsoft security bulletin, it was "beginning to gain momentum" last week.
SecurityFocus has warned firms of a new denial-of-service hacking tool designed to take advantage of default settings in Microsoft SQL Server installations. The tool, called Voyager Alpha Force, scans and infects systems that have left the system administrator account password blank. Companies have been warned to change the password and apply a firewall to block port 1433.
Given the threats, enterprises should be careful not to let simple administration tasks slip, experts said.
