Expert warns of security dangers from webmail

Staff using Hotmail accounts can cause massive security risks for their employers, as demonstrated this month when the Sober.R virus disrupted a major company, warned an Australian information security expert.

David Simpson, managing director of information security firm CQR Consulting, said the Sober.R virus had caused significant disruption within otherwise well-protected enterprises. 'For a lot of organisations, webmail bypasses all anti-virus features at the email gateway unless it is filtering HTTP traffic,' Simpson said.

'In this case, the Sober.R virus came in off a webmail account when an employee checked personal email while at work. Very quickly, it caused a couple of hundred machines to become infected. No viruses got outside the organisation because of its gateway setup, but the virus disrupted a lot of business activities and chewed up a lot of network bandwidth.'

W32.Sober.R@mm is a mass-mailing worm that uses its own SMTP engine to spread. It sends itself as an email attachment to addresses gathered from the infected PC. The email may be in either English or German.
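Because a worm of this kind carries its own SMTP engine, infected desktops attempt port 25 connections directly instead of going through the organisation's mail relay, and those attempts are visible in firewall logs even when the gateway blocks them. The following Python script is an added example, not part of the original article, that flags such hosts; the log format, addresses, relay list and threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed firewall log lines (illustrative only, not from the incident).
SAMPLE_LOG = """\
2024-01-10T09:00:01 src=10.0.0.5 dst=203.0.113.10 dport=25 action=allow
2024-01-10T09:00:02 src=10.0.0.5 dst=203.0.113.11 dport=25 action=allow
2024-01-10T09:00:03 src=10.0.0.5 dst=203.0.113.12 dport=25 action=allow
2024-01-10T09:01:10 src=10.0.1.23 dst=198.51.100.7 dport=25 action=deny
2024-01-10T09:01:11 src=10.0.1.23 dst=198.51.100.8 dport=25 action=deny
2024-01-10T09:01:12 src=10.0.1.23 dst=203.0.113.99 dport=25 action=deny
2024-01-10T09:01:13 src=10.0.1.23 dst=198.51.100.7 dport=25 action=deny
2024-01-10T09:02:00 src=10.0.1.40 dst=198.51.100.50 dport=443 action=allow
2024-01-10T09:02:05 src=10.0.1.40 dst=198.51.100.51 dport=25 action=deny
corrupted line without fields
"""

LINE_RE = re.compile(
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+) action=(?P<action>\w+)"
)


def direct_smtp_hosts(log_text, mail_relays, min_destinations=3):
    """Return {source: sorted destinations} for hosts that are not sanctioned
    mail relays yet attempted SMTP to at least min_destinations distinct servers.

    Denied attempts count too: a blocked connection still shows that the
    internal host is trying to send mail on its own.
    """
    destinations = defaultdict(set)
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if match is None or match["dport"] != "25":
            continue  # unparseable line or non-SMTP traffic
        if match["src"] in mail_relays:
            continue  # the relay is expected to talk SMTP to the outside
        destinations[match["src"]].add(match["dst"])
    return {
        src: sorted(dsts)
        for src, dsts in destinations.items()
        if len(dsts) >= min_destinations
    }


if __name__ == "__main__":
    for host, dsts in direct_smtp_hosts(SAMPLE_LOG, {"10.0.0.5"}).items():
        print(f"{host} attempted direct SMTP to {len(dsts)} servers: {dsts}")
```

The distinct-destination threshold keeps a single misconfigured mail client from raising the same alert as a host fanning out to many mail servers.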

Simpson said the business disruption demonstrated the far-reaching consequences of a seemingly innocent action. 'The policy says staff should not use webmail accounts at work, but employees say "what's the harm?" because they don't understand the risk,' he said. 'They assume that because they have antivirus software installed that they are protected. In this incident, it took a day and a half to clean up the consequences of this inadvertent action and you can be sure that this was not the only instance.'

Simpson said the best way for organisations to protect themselves against this sort of risk was education. 'The fundamental answer to the problem of information security really lies with people,' he said. 'Technology is becoming ubiquitous, but does not by itself provide the answer. Installing a firewall and anti-virus solution will not stop the pain of business disruption.

'You need ongoing education so people understand why policies exist and that they are not just a case of the boss being Big Brother. An effective approach is to educate them about home exposures as well, so they get a personal benefit out of it. Some organisations take a more heavy-handed approach and ban the use of webmail, which is technically possible.'