Computerworld - And now, Nimda. Will these attacks never end? The answer, unfortunately, is no. They won't ever end. The Nimda worm that surfaced last week apparently has nothing to do with the terrorist attacks at the World Trade Center and the Pentagon the week before. It doesn't even have the politically oriented payload of the Code Red worm that attacked Whitehouse.gov in July. Nimda just tries to break things - PCs, servers and the Internet as a whole.
Nimda isn't the cyberterrorism that security experts have been warning about. It's just one more malicious worm.
True, it's a particularly nasty worm. It delivers itself by e-mail and through Web sites and via infected servers. It also tries to drill in through more vulnerabilities than any other worm. It overwrites files, opens users' hard drives to outside access and lets attackers gain control of servers.
But it's still just a worm - one more security threat we need to take care of.
Which means if you didn't apply those patches to your Microsoft IIS servers when Code Red and Code Red II and Code Blue blew through, you should have lots more incentive to do it now - even if the patches blue-screen your machines. A Nimda infection means you'll have to wipe your server and rebuild its software from the ground up.
If you haven't regularly tweaked your firewalls and other security technology, it's time to start making a habit of it.
And then there's the biggest, most obvious security problem in your organization: your users.
It's not news that users shouldn't open unsolicited e-mail attachments. And that they shouldn't change security settings on their e-mail clients or Web browsers. And that their antivirus software should be updated regularly.
Yes, you're tired of telling them, and they're tired of hearing it. But now's the time to bring those issues up again.
This time, though, don't deliver the exhortations by way of memos, manuals or managers. That didn't work before, and it's not going to work any better now.
This time, you're actually going to have to talk to users. Face to face. One on one, if necessary.
And instead of just telling them what to do - and what not to do - you'll have to ask why they keep doing the things that put the whole company at risk.
And you'll have to get answers. You'll have to insist on answers. Even if you have to run their managers out of the room while users give you those answers.
Why
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
