• Recommend:
• 0 Comments

Love Letter's Legacy

Users and vendors wonder what could have been done to prevent the malicious worm.

By Brian Fonseca, Infoworld   

Part of the cleanup of the damage stemming from this month's devastating worm hit is to try to figure out if more could have been done--by both the IT industry and general online populace--to stop its blitzkrieg attack.

Some IT managers hit by the virus are finding themselves with little choice but to take personal security practices out of their users' hands as much as possible, says Douglas Korte, technical director at Whole Foods Market.

"You can't trust your users to combat something like this," Korte says. "We're pretty much treading water right now. It's not getting much better, and the technology doesn't seem to be keeping up."

Prevention, Not Reaction

Indeed, even antivirus vendors agree that their current technology at best is reactive to curb attacks such as the "Love Bug."

According to Navander Mangalam, director of security at Computer Associates International, antivirus technology hasn't been designed to completely stop Visual Basic scripts, which make up about 80 percent of worm attacks. Doing so, he explains, is not practical for business purposes because so much non-threatening traffic coming through the firewall and gateway server appears identical to worms.

Users at Fault?

And yet, simply relying on user awareness to prevent infiltration is not the answer. "I don't think that educating people is going to cut it," Mangalam says. "It's like AIDS. You need a vaccine and have to educate people about it as well."

Korte agrees that his users didn't realize the consequences of opening the Love Bug's harmless-looking e-mail attachment.

Perpetuating the problem might be a degree of "complacency" by users who feel it's not their problem to clean up systems after an infection has taken place, says Paul Williams, system manager at AT&T Labs.

According to a survey by security consultant ICSA.net of 62 companies with more than 200 desktop computers, 98 percent were found to have received copies of the virus. And 41 companies, or 65 percent, reported infections as a result of the worm-carrying e-mail.

Robert Votta, network engineering and information systems supervisor at Lee Memorial Health Systems Foundation says the problem might be lessened if people simply sent e-mail correctly.

"We're using e-mail for file exchanges instead of for messaging, and it's killing us," Votta says.

For more IT analysis and commentary on emerging technologies, visit InfoWorld.com. Story copyright © 2011 InfoWorld Media Group. All rights reserved.