Opinion: Zotob - An Avoidable Worm And The Negligence Factor

Laptops are incredibly handy, with over 50 percent of the new PCs being sold to companies, yet you have to remember that they are virus magnets and require a much higher level of focus then many now give them.

While we often don’t talk about it, people will do things with laptops from home or hotel rooms that they wouldn’t think of doing in the office. These things often result in contamination by spyware or viruses. Laptops should never have peer relationships with any internal unprotected systems. They should always be treated as if they are infected because they have a high probability of being infected. This doesn’t mean they shouldn’t be protected. Laptops should be running fully configured software firewalls like ZoneAlarm or BlackIce Defender.

In addition, laptops really should not be using old versions of Windows. Even unpatched Windows XP machines are not being hit by the current attack and those with the SP2 service patch in place are vastly more resilient to attack then any other Windows platform.

Laptops can represent the worst of all possible worlds when it comes to security because users are often disconnected making patching difficult to do timely and they generally lack the perimeter protection afforded desktop hardware. The combination of high vulnerability and low connectivity exacerbates the problem, and when we couple this with the laptops clear threat as a virus carrier, you can only conclude that it must always be maintained as current as is possible and that means the current version of the OS.

Right now, if the current assumptions prove to be true, unpatched Windows 2000 laptops are doing massive damage to the companies that have them deployed and there is really no good excuse for this. You can lag on patching desktop machines within perimeter protection because of where they are used however we tend to patch them more quickly because we can.

One other thing to remember is that a large percentage of trouble calls with laptops can be traced back to imaging them with an older version of the operating system that was never designed to work with the current generation of mobile hardware. In other words, particularly since there is no real cost advantage and a huge security and usability disadvantage, putting an old OS on a new laptop is anything but wise regardless of cause.

The State Of Negligence

We live in an increasing hostile world—gone are the pre-Internet days when viruses took days and weeks to hit. Today they land in hours and minutes. Our faith in virus checking products is now vastly misplaced because they simply can't respond to most of the high profile threats quickly enough and, even if they could, an increasing number of our users are disconnected making the timely update of virus signatures nearly impossible.

This forces us to revisit our perimeter protection and make sure our perimeter is expanded to cover all critical systems even those that may exist in employees’ homes. In addition we need to give special care to mobile devices (which now include smart phones and hand held computers as well as laptops) which increasing are used as virus carriers. These machines must become juggernauts able to resist attacks on their own and they should never be accepted onto an internal network without being adequately protected.

The best advice for mobile devices is if you always keep them well patched and on the current operating platform and operating outside of firewalls even when inside companies so they won’t become the nightmare that a number of CIOs had this week.

Whenever we see selective damage like we are seeing, the question of competence comes up and, with so the “n” word {negligent} is not far behind. None of us can afford to have negligence associated with our names and companies so we need to look at the firms that are stepping up to their responsibilities and emulate them.