BetaONE will rise again!


Reply
  #1  
Old 18th Aug 05, 11:33 PM
Alpine's Avatar
Alpine Alpine is offline
Retired Crew
 
Join Date: Feb 2002
Location: Run Forest, RUN!!
Posts: 3,601
Alpine is on a distinguished road
Send a message via ICQ to Alpine Send a message via AIM to Alpine
Worms meet corporations in legal minefield
I SPENT MOST OF Tuesday morning at a financial services provider, and the talk of the morning was all about a large financial services giant and the Zotob worm.

Any guesses why? It was claimed that said large financial giant was another notch in the Zotob author's belt, and while they were not down per se, it caused problems, slow networks, and downed services.

Another day, another massive bot infection. When will these people learn trusted computing and Microsoft promissory press releases are not worth the paper they are printed on? And yes I know they are not on paper anymore. Here is when they'll learn, when someone notices that getting infected violates a whole bunch of laws, and that brings down the legal hammers on them.

What do I mean? Well, for this said large financial organisation, there are several new regulations that are now in force, but the one that I am specifically thinking of is SarbOx. If they were an HMO or hospital, they would have HIPPA to contend with too. These laws have some pretty onerous data access and authenticity requirements backed up by civil and criminal penalties. Several states like California also have laws on notification and reporting on top of these.

So, what's the problem? The large financial organisation just got potentially owned bad, it was infected by a bot carrying worm that allows outside access to the computers, the data carried within, and potentially the servers. Keyloggers? Maybe. Things riding on the back of Zotob? Maybe. I don't know, do you? Do you think the large financial organisation does either?

So, on one side you have a company that got screwed through sloppy patch practices and an impossible task of keeping a Microsoft network patched. I do say impossible on purpose, I mean it in the literal sense, not the conversational one. On the other side, you have organisations like the SEC looking for heads to nail to the wall. They don't take excuses like 'we didn't know' or 'we didn't foresee that one' with a smile and a laugh, this is 'buy your way out with political contributions' territory.

So, a large financial org got hit, and hundreds of computers were compromised. Did any of them have sensitive and/or customer data on them? Are you sure? Can you prove that? Has any of the data been tampered with? The answers most likely are a yes privately, no publicly, no, no and no clue respectively. To be honest, this is not just a big financial organisation's problem either, there are probably a bunch of others in the same boat, I just happened to overhear a phone call between someone and this said corporation.

What will happen? Nothing this time. I am sure the SEC is way too busy picking up real bad guys to enforce the letter and intent of the law, but that will change as soon as something really bad happens on a future bot attack. That kind of thing can rewrite enforcement priorities in a stunningly short amount of time. So, what then? Then they go back with a give everyone they can think of the auditing equivalent of a body cavity search, and the questions like I am posing get asked. This is a legal time bomb people, and even the latest and greatest MS solutions put into place are rather impotent. This one only affected Win2K, but that is more a fluke than anything else, there have been several that ran rampant over the 'invulnerable' XP SP2 already, and it is a matter of time before the next one hits. Maybe this one will be enough to make companies and Microsoft take security seriously. If not, anyone have the phone number for the SEC?

Source:

The INQuirer
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump


All times are GMT +1. The time now is 04:53 AM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.