Worms and even anti-worm worms are proliferating today, as the Blaster worm and another worm trying to kill it are rapidly spreading and clogging networks all over the world. Smart admins patch their systems and firewall their networks in order to stave off infection, yet in the corporate world it's common to see networks compromised anyway... from the inside.
What can happen, and I've seen this happen IRL, is that a hardworking employee will take their laptop home, where they have Internet access of course, and as soon as they jack in they are exposed to the open network. Most home users do not employ firewalls or virus scanning, nor do they run system patches on time, thus the hardworking fellow winds up with the latest worm installed on their machine without a clue that they weren't protected. The next day they dutifully show up for work, and the worm awakens to begin aggressively scanning the internal corporate network for new hosts. Soon the whole network slows to a crawl, costing companies thousands if not millions in lost productivity.
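As an added illustration (not code from the original post) of how an administrator could spot the morning-after scan described above: the Python script below reads a few constructed flow log lines (timestamp, source, destination, destination port) and flags any host that touches many distinct internal hosts on one port within a short window, which is how a wormy laptop looks from the switch. The hosts, timestamps and the use of TCP/135 (the RPC port Blaster spread over) in the sample are assumptions for the example, not figures from the post.

```python
"""Flag hosts that fan out to many internal destinations on one port, the
pattern an infected laptop shows when a worm wakes up on the LAN."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample flow log lines: "timestamp src dst dport" (not real data).
SAMPLE_LOG = """\
2003-08-12T09:01:02 10.0.5.23 10.0.5.1 445
2003-08-12T09:01:03 10.0.5.23 10.0.5.2 135
2003-08-12T09:01:03 10.0.5.23 10.0.5.3 135
2003-08-12T09:01:04 10.0.5.23 10.0.5.4 135
2003-08-12T09:01:04 10.0.5.23 10.0.5.5 135
2003-08-12T09:01:05 10.0.5.23 10.0.5.6 135
2003-08-12T09:01:06 10.0.5.23 10.0.5.7 135
2003-08-12T09:01:10 10.0.5.40 10.0.5.1 445
2003-08-12T09:02:00 10.0.5.40 10.0.5.9 80
"""


def parse_flows(text):
    """Yield (timestamp, src, dst, dport) tuples from the log text."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, dport = line.split()
        yield datetime.fromisoformat(ts), src, dst, int(dport)


def find_fanout(text, threshold=5, window=timedelta(seconds=60)):
    """Return {(src, dport): n_distinct_dst} for every source that reached at
    least `threshold` distinct destinations on one port within `window`."""
    by_key = defaultdict(list)  # (src, dport) -> [(ts, dst), ...]
    for ts, src, dst, dport in parse_flows(text):
        by_key[(src, dport)].append((ts, dst))
    alerts = {}
    for key, events in by_key.items():
        events.sort()
        # Sliding window: from each event, count distinct destinations that
        # follow it within `window` seconds.
        for i, (start, _) in enumerate(events):
            seen = {d for t, d in events[i:] if t - start <= window}
            if len(seen) >= threshold:
                alerts[key] = max(alerts.get(key, 0), len(seen))
    return alerts


if __name__ == "__main__":
    for (src, port), n in find_fanout(SAMPLE_LOG).items():
        print(f"possible worm scan: {src} hit {n} hosts on tcp/{port}")
```

On the sample, only 10.0.5.23 trips the threshold (six hosts on tcp/135 in four seconds); the normal file-server and web traffic from 10.0.5.40 does not.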
This offline "jumping" of network firewalls is more and more common as laptops come down in price and grow in popularity, though its roots go way back to the early days of networking. I wasn't around in the true early days; I came upon the phenomenon known as Sneakernet only in the late 1980s when BBSs had 1200 or 2400 baud modem lines. Sneakernet is the alternative to wired electronic transmission whereby data is loaded onto a disk or tape and literally carried to its destination. We used to trade .zip and .arj files by Sneakernet as it was in many cases quicker than by modem, particularly since BBS users were often a tight-knit group that would party together in person as well as online.
Basically that's what these working Joes and Janes are doing: they don't use online mass storage for their work, or maybe they need to keep their home PC separate from their work PC, so they wind up carrying around data and applications by foot. Instead of a floppy disk they use their hard drives, and their unsecured home networks are prime breeding grounds for all kinds of nasty infestations.
I'm certainly not a security expert, but I know enough to run my patches and keep the firewall closed except for particular ports. Regular virus scanning and spyware detection also go a long way. But what we need is to make security at home easy for normal people. I'm talking easier than programming a VCR (which many people cannot figure out); systems should ship secure by default. Many do, but we still need a social movement of sorts to help educate people about how to keep their systems up to snuff.
I submit that something as simple as knowing to get your oil changed every 3000 miles, with a reminder stuck to your windshield so you do not forget, would be a great start. Computers could ship with notices to get their systems audited by a local guy every so often, who would place a sticker on the monitor with a reminder about when the next audit is due. The audit would consist of making sure all current patches have been run (the home user can do this, but the auditor would check up on it), running a virus scanner or making sure the installed service is still working and up-to-date, and running some spyware checks. Other system maintenance can be added in as necessary; this is just a list to get things started.
Automatic software updates are obviously not enough, as we can see with the Blaster worm; behavioral change will get the best results. People have no problem going to a mechanic regularly to prevent problems, so a reasonably-priced IT audit service should have similar success.