posted 04-13-2001 12:37 PM            

You are correct in that the anti-virus definitions are only updated after the virus is released, but some move slower than others. So by the time you or I update our PCs, we might be able to avoid getting some nasty bug that started on the other side of the world and progressed as the clock advanced and people checked their e-mail.

Also, many hackers out there take an old virus, update it with downloadable programs to add some nasty twist and recirculate it. So the virus definitions you downloaded a month ago may help you out next week.

Pioneer recently sent a CD to thousands of customers. Guess what. It contained a virus.

The important thing is to update both your program and your definition files. Because someone else won't that means these things never quite go away.

posted 07-27-2001 04:39 PM            

It isn't enough to buy virus software. You have to have it configured correctly, run it constantly, update it frequently -- and you have to stay very attuned to what's out there. I used to have my software check for new virus updates every week. In this environment, I've changed it to check once each day. The loss of productivity that results from infection with some of these pieces of malicious code is just too great to risk.

posted 07-28-2001 09:43 AM            

Among the infected emails I have received over the past few days from bankers have been close to a dozen which have had as the subject line things relating to file names like "Loan Memo: Mark Benali" (I altered the name to guard against exposing the customer's privacy a second time). That means I'm seeing Subject lines on the emails that say "Re: Loan request from Lazy O Ranch". If I then put in the domain name from the banker's email address, I can determine which financial institution the sender is with and I now know that Mark Benali has a loan from that bank and that Lazy O Ranch is trying to get one. If they are a community bank, it's likely I could even find their customer through an online search and if I were a con artist, I could say I was calling from the bank to discuss their loan and could social engineer all kinds of private information out of them to commit fraud with.

This is a MAJOR concern, particularly with privacy being the hot button it currently is.
Imagine for example, a banker's address book containing email addresses for everyone in a local civic group and them being sent an email whose subject line reveals that someone they know has an overdraft -- e.g. "Memo re Repeated Overdrafts on Joe Blow's account") or something similarly violative of the customer's financial privacy. A customer whose privacy was violated in that fashion would probably have a good case against the bank grounded on the theory that the bank was negligent in l) failing to maintain adequate virus protection; 2) failing to keep informed about virus threats; 3) failing to deal quickly and decisively with their computers once they became infected.

And if the banker failed to react once he had been informed that his machine was infected, heaven help him if he didn't clean off the virus.

posted 12-20-2001 08:20 AM            

This is an update to the original post.

Short of unplugging the computer (which really isn't such a bad idea), subscribe to an industry-standard virus protection program (e.g., Norton, McAfee or OnTrack) that:
1. Notifies you via email when a special alert is issued;
2. Offers 24/7/365 unattended downloads of updated virus signatures and scanning engines; and
3. Has a live technician available via telephone 24/7/365.

The updated virus signatures are designed to work with updated scanning engines -- so get them both. Your IT Manager can configure your system to auto-update signatures and engines during off-peak hours.

As Mary Beth wrote -- do this at least once a day. I average 25-30 emails each day and I receive an average of eight (8) virus-laden messages each week. I've also taken to scanning my computer at least once a day -- and every time my virus checker alerts, even if it tells me that it killed the virus.

------------------
Dana Turner
Security Education Systems
danaturner@bankersonline.com
830-535-6500
Opinions expressed are always those of my employer.

posted 02-04-2002 04:07 PM            

In addition to updating your virus definitions, make sure you keep-up with all the service patches on your operating systems and software, especially if you are using a Microsoft operating system (OS) or a Microsoft Office product. Many of the viruses listed above could have been prevented had everyone kept their servers and computers up-to-date... the patches are often released months before the viruses hit.

Just as I have started checking for virus definition updates more frequently, I have also started to check for service patches more frequently. I've been told that Microsoft will start releasing cummulative OS patches on a monthly basis in addition to the individual patches.

Even though checking for these patches and installing them on a lot of machines is very tedious and time consuming, the consequences are too large not to!