|
Originally, this month's newsletter was going to document the goodies in DMS 709, and our deployment of the new DataWedge paging server.
This paging server allows Assisted Dispatching outside the confines of the Nextel relationship, allowing folks to use their paging plans on other networks with
the DMS software. However, in the past few days, some newsworthy items have popped up that deserve some sooner mention. So... more on Assisted Dispatch
next month.
This month, we have two things to bring up... the security breach at Heartland Payment Systems, and the looming "Conficker" virus. Unless you
have been living in a cave somewhere... you should know by now that the "Downadup" (or 'Conficker' virus) has proven to be the most widespread virus in the
history of computing thus far.
The Virus
As of this writing, this virus has infected somewhere in the neighborhood of 15 MILLION Windows machines around the globe, or roughly 7% of
ALL WINDOWS MACHINES. This especially proliferic virus so far is laying dormant, content to (for now) simply brute-force passwords on machines in an
effort to quickly spread itself around... but the tech world at large is bracing for the (still unknown) 'payload' date... the date when the virus is scheduled
to activate itself and carry out its instructions. No know yet has been able to figure out what the final task of the virus is supposed to be, but
technical experts everywhere are agreeing that a virus with this level of sophistication doesn't get released for meaningless pranks.
This first bit of news ties into the second bit of news:
There has been a significant security breach at Heartland Payment Systems.
http://www.pcworld.com/article/158003/massive_theft_of_credit_card_numbers_reported.html
First, (as the article states), it is disheartening to hear how Heartland is responding to the security breach. Instead of making a BIG
announcement in an effort to draw awareness towards customers that have had their credit card numbers potentially stolen, Heartland instead opted to put out a
small press release on the same day as our Presidential Inauguration in an effort to slide under the radar. My general distaste for how Heartland is handling
this incident is neither here nor there... but what's important (and a lesson that can be learned for anyone that is paying attention) is HOW the hackers did
it, and just HOW VULNERABLE YOUR NETWORK IS if you are not paying attention. There is a misconception that the process of 'computer theft' involves putting on a
ski-mask and breaking into a high-security facility (complete with torso-cutting lasers and rabid dobermans) and scurrying away with a golden piece of hardware.
Nothing could be further from the truth. In the case of Heartland, (based on the preliminary articles I have read so far) the
indicators are that the security breach was the result of malware, most likely downloaded by some unsuspecting person inside the network via an email
attachment. Read that again: The breach of Heartland Payment systems... resulting in the theft of (potentially) 100 MILLION credit card numbers.... was
done by nothing more than malware.
With the voracious spread of the "Downadup" virus, and with its unknown payload, combined with Heartland's already admitted breach due to
malware, now is the time to update your virus scanning and spyware/malware scanning software.
You can find tools to remove the "Downadup" virus (if your virus scanner doesn't already detect/remove it... an example of a Downadup removal
tool is provided by F-Secure with the link below:
http://www.f-secure.com/v-descs/worm_w32_downadup_al.shtml
IN addition, you can use Lava Soft's Adware (http://www.lavasoft.com) to scan for
spyware/malware.
Taking precautions for your computer network doesn't take a lot of expertise... it only takes a little TIME. The breach at Heartland
should prove to be a gigantic wake up call for every RDS owner that has been previously complacent about their network security... and with the biggest virus
infection known to ever exist looming on the horizon, there can be no time like the present to make sure all of your ducks are in a row.
|
DataWedge
Sample Site.
