Business IT - Technology for your business


Expert warns of security dangers from webmail


Staff using Hotmail accounts can cause massive security risks for their employers, as demonstrated this month when the Sober.R virus disrupted a major company, warned an Australian information security expert.

David Simpson, managing director of information security firm CQR Consulting, said the Sober.R virus had caused significant disruption within otherwise well-protected enterprises. “For a lot of organisations, webmail bypasses all anti-virus features at the email gateway unless it is filtering HTTP traffic,” Simpson said.

“In this case, the Sober.R virus came in off a webmail account when an employee checked personal email while at work. Very quickly, it caused a couple of hundred machines to become infected. No viruses got outside the organisation because of its gateway setup, but the virus disrupted a lot of business activities and chewed up a lot of network bandwidth.”

The W32.Sober.R@mm is a mass-mailing worm that uses its own SMTP engine to spread. It sends itself as an email attachment to addresses gathered from the infected PC. The email may be in either English or German.

Simpson said the business disruption demonstrated the far-reaching consequences of a seemingly innocent action. “The policy says staff should not use webmail accounts at work, but employees say ‘what’s the harm?’ because they don’t understand the risk,” he said. “They assume that because they have antivirus software installed that they are protected. In this incident, it took a day and a half to clean up the consequences of this inadvertent action and you can be sure that this was not the only instance.”

Simpson said the best way for organisations to protect themselves against this sort of risk was education. “The fundamental answer to the problem of information security really lies with people,” he said. “Technology is becoming ubiquitous, but does not by itself provide the answer. Installing a firewall and anti-virus solution will not stop the pain of business disruption.

“You need ongoing education so people understand why policies exist and that they are not just a case of the boss being Big Brother. An effective approach is to educate them about home exposures as well, so they get a personal benefit out of it. Some organisations take a more heavy-handed approach and ban the use of webmail, which is technically possible.”
