Lines of defense

 

Connecting state and local government leaders

The last year or so has seen unprecedented consolidation in the IT security field'especially in the antivirus business, where big companies, including Microsoft Corp., have gobbled up innovative small companies.

The last year or so has seen unprecedented consolidation in the IT security field'especially in the antivirus business, where big companies, including Microsoft Corp., have gobbled up innovative small companies.So on the one hand, you have fewer products to choose from. But on the other, the remaining programs will have more tools and features, as the bigger companies integrate the new technologies into their products.There are several categories of antivirus software, and most agencies need to look at all of them. This guide addresses the broad category of antivirus software, which tackles three similar types of malware: viruses, Trojan horses and worms.The accompanying chart includes both enterprise and small-office-home-office antivirus software. SOHO programs are often best suited for road warriors as well as workers in isolated offices, telecommuters and those in large offices who use PCs not connected to a network.Wireless notebook PCs and personal digital assistants are probably the most at-risk devices. And laptops will eventually be connected to your network, so infections to them are a serious risk even if the mobile units don't contain any confidential information or aren't particularly important on their own.Even cell phones can catch malware these days, so an office that protects only devices hardwired to the network remains vulnerable to a wide variety of threats.Managing devices centrally is obviously the best option, but you need to weigh the ability of enterprise tools to properly protect individual systems. For example, should a user get updates directly from vendors or through the enterprise network? How well do the management tools work, or do they work at all, for PDAs, notebook PCs and cell phones?When choosing an antivirus program, many managers overlook the fact that most programs will sample new viruses and send them to the vendor for analysis. That sounds like a great feature, but do you know if any confidential'or even top-secret'data is included in that code segment?The program must provide a way you can either shut off this feature or review all code before approving transmission.Of course, it's a good idea to be sure antivirus software has been tested, but before putting too much faith in an independent test, you need to know exactly what was tested, how it was tested and what constituted a successful test in the eyes of the testers. For instance, in the past some tests were performed with live viruses while others weren't.Most IT departments don't have the resources to test antivirus software themselves, but at a minimum you should probably look for programs that have passed the ICSALabs testing done by TrueSecure Corp. of Mechanicsburg, Pa. See www.icsalabs.com for the most recent test results.The infections antivirus software looks for include:, which hides in the basic control data for the operating system, which are contained in or masquerade as .exe or other program files, which usually are found in Microsoft Word .doc files or Excel files, because both programs have powerful and potentially dangerous macro language tools. A simple fix is to set all computers to default to .rtf file format for Word , which are viruses based on Visual Basic code.Viruses are sometimes categorized by how they disguise themselves. This isn't exact, and many viruses make use of several techniques, but here is a look at some of the more dangerous current virus types:. If you have a legitimate .exe file, a .com file with the same file name but containing a virus will execute first under MS-DOS.. These transform themselves constantly to make it difficult to scan for a signature.. These will try to hide, perhaps by killing off antivirus processes.. Some viruses are always attacking; date or random-event viruses only activate under certain conditions.. These are difficult for antivirus engineers to disassemble.Like viruses themselves, the types of attacks are always evolving. Last year was the year of the phishing attack, which doesn't pose as much of a threat to government agencies as it does to individuals, because it usually targets financial information. But phishing could be turned against a secure network in an attempt to capture log-on credentials.Despite all the media play that phishing and spam deservedly got, 2004 was also a banner year for viruses. It was the year when multiple viruses made the rounds and started again in just a few weeks, as new variants popped up each time a virus was stamped down.It is clear to those who watch these things hourly that the initial virus is often rather weak but has some effect, while others are ready and waiting to be released as soon as the antivirus vendors produce a signature file to combat the previous one. There are also copycats.A safe e-mail service, www.messagelabs.com, maintains statistics on virus infections.Out of 147 billion messages passing through its servers in 2004, 6 percent carried a virus.The peak was April through June when the average was nearly 10 percent, but even in November the tally was still 3 percent.This is a common pattern, so look for virus attacks to again surge in the warmer months.Where viruses were once the creation of misguided students or simple vandals, today many carry a payload turning infected systems into spam servers.This commercial side of viruses is relatively new, and it means the infection is less likely to cause obvious damage to your system but is also likely to be far more sophisticated.
Using antivirus software is just one step in securing your networks, but it's an important one

























Boot sector malware

Executables

Macros

VB worms



COM viruses

Polymorphic viruses

Stealth viruses

Date or random-event viruses

Armored viruses



















John McCormick is a freelance writer and computer consultant. E-mail him at powerusr@yahoo.com.
X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.