Research by Symantec shows that an unprotected computer connected to the Internet will be attacked remotely within minutes. Apart from the obvious danger of the user’s ID theft, unprotected home PCs can remotely be hooked into networks of zombie computers being used to spread spam, steal other peoples’ IDs and attack websites.
Despite this, many organisations fail to issue guidelines to workers who use their home PCs for work-related issues, such as emails. At very least, a full check of the PC should be carried out by a competent person, and a comprehensive anti-virus/anti-spyware/firewall program, such as Norton 360, should be installed. Anti-spyware programs, in particular, should have the ability to both firewall and sweep automatically, and should be obtained from reputable sources – some anti-spyware software is spyware in disguise.
Meanwhile, blog readers may recall that in June 2007 the FBI announced that it was trying to contact more than 1 million home PC owners who have unknowingly had their computers remotely hijacked by cyber-criminals. Once hijacked, PCs can be used to send out spam, spread spyware or as repositories for illegal content such as pirated movies or pornography, and most owners will not be aware that their machines have been taken over. For more read here.
Spyware and other related threats are discussed in the one-day IT and Information Security session on Security Management Stage 1, 31 March – 11 April 2008. The workshop may also be attended as a stand-alone module on 7 April. For more information on this, and to discuss in-house information security awareness training for staff, contact Janet.