Home User Threat
It has been more than a year since the Code Red and Nimda worms rocketed around the globe infecting millions of servers running Microsoft's Internet Information Server (IIS).
By Paul Roberts
November 08, 2002 — CSO — It has been more than a year since the Code Red and Nimda worms rocketed around the globe infecting millions of servers running Microsoft's Internet Information Server (IIS). But while Microsoft quickly issued a patch to close the security hole that Code Red exploited, hundreds of unpatched and infected hosts can still be found on the public Internet. It's a problem that raises a vexing question: what to do when those responsible for maintaining Internet hardware shirk their responsibility?
"There are a significant number of servers worldwide that have no security at all," says Mikko Hyppönen, manager of antivirus research at Helsinki, Finland-based F-Secure.
The most chronically infected culprits, according to Hyppönen, are servers belonging to home users. Many of these individuals have no knowledge of how to manage a public Web server and may not even know they are hosting a Web server on their desktop or laptop.
For Web server administrators with secure systems, those infected machines may come to feel like old friends
But, Hyppönen points out, those infected machines also pose a significant risk to the entire public Internet. Infected machines, by definition, contain open doors that malicious hackers can use to distribute their own viruses, or to launch denial-of-service attacks on targeted websites.
One solution, suggests Hyppönen, may be for outsiders to fix the holes themselves
Simple enough. The catch? Cleaning up a virus on an infected machine that doesn't belong to you still qualifies as an unauthorized electronic intrusion onto somebody else's property. It's a violation of both U.S. and international law that can carry stiff monetary penalties and even jail time.
To tackle this problem, Hyppönen advocates the creation of an international body with the authority to intervene and fix infected machines. "It would be like an Internet police
Read more about data protection in CSOonline's Data Protection section.
Other stories by Paul Roberts
The challenge of true data protection spans databases, internal and external networks, physical and offsite storage, business partners and more. These resources offer expert perspective from the basics through specific key elements of data protection strategies.
Network security basics
Protection, detection, and reaction—those are the three underlying principles your security program must embody
Computer incident detection, response, forensics
Richard Bejtlich shows how to measure and improve the maturity of your incident response
A few good IT security metrics
Stop counting blocked malware attachments and measure things that can contribute to meaningful change
5 key cloud security trends
Cloud security is evolving rapidly—stay on top of it
IT risk assessment frameworks
How to do end-to-end encryption
How to compare and use enterprise antivirus
Also find sample data protection policies in CSO's tools, templates and policies library
- The CISO's Survival Guide to Securing Data
- Data Privacy and Protection in Production Environments: New Research from Ponemon Institute
- FireEye Advanced Threat Protection KnowledgeVault
- Five Tips to Consider in a Data Security Strategy for Smartphones and Tablets
- Moving Your Email to the Trusted Cloud
- Comprehensive Server Protection
- Howard Schmidt went the distance
With Howard Schmidt leaving the White House at the end of the month, the critiquing of his tenure is in full swing -- as it should be. There are still plenty of loose ends dangling in D.C., most notably Congress' inability to craft legislation that strikes the right balance between security and privacy. - #FFSec: Security pros to follow on Twitter, May 18
- DHS cybersecurity official leaves more questions than answers
More Salted Hash with Bill Brenner
