Welcome to the eighth issue of the ISO17799 newsletter, designed to keep you abreast of news and developments with respect to ISO17799 and information security.
The information contained in this newsletter is absolutely free to our subscribers and provides guidance on various practical issues, plus commentary on recent Information Security incidents. In view of recent events, this issue focuses particularly upon business continuity and disaster recovery.
Included in this issue are the following topics:
RECENT INTERNET ATTACKS: BLASTER
Virus attacks remain the most common form of security breach.
One virus-like worm called “Blaster” has recently infected over 300,000 computers. It is also known as LovSan as it leaves a love note to 'San' on infected PCs. Although it does not destroy files it continually shuts down the computer and restarts. Microsoft actually posted a fix for this virus as early at 16 July but many organizations and home users have not installed it, so the vulnerability still remains and infection continues.
The lesson from this: monitor and maintain your operating system and other software with security fixes and upgrades as they are released.
Many organizations typically have a firewall that can repulse such attacks. However, weaknesses in the use of firewalls, including through laptops or home computing equipment, can sometimes allow breach if the software is not kept up to date. Again, PRO-ACTIVE management is required: organizations should introduce and enforce policies and procedures to ensure that firewalls are kept up to date on all equipment that is used by their employees for the organizations business.
Generally therefore, many business are often slow to update their files and software with latest fixes and only respond when a problem occurs. This is a dangerous path.
In accordance with the requirements of ISO17799, all organizations should have clear enforceable policies and procedures that ensure at least firewalls and virus software are kept fully up to date. This requirement should be supported through regular audit and internal control checks.
ISO17799 Reference: Protection against malicious software is covered in Section 8.3
www.security-manual.com (security management)
www.sophos.com (AV supplier)
www.symantec.com (AV supplier)