Real World Computing

Recently we had a run in with the CryptoLocker malware, you can read about it here . The malware did a fair amount of damage across our file server but it was easily rectified by rolling back to shadow copies and traditional backups of files. Of course, in writing the inevitable incident report, I began pondering the future and posed the question, Given that traditional storage is giving way to cloud storage, does cloud storage in its broadest sense reduce or even eliminate the possibility of CryptoLocker, or similar malware in the future? - and -  in any case, what are our recovery options from the major vendors? More or Less Vulnerable? First, looking at the question of vulnerability, it very much depends on your access methods. All of the cloud services have web browser access to files, apart from general vulnerabilities in the browser itself, this is a pretty safe access method. If your password isn't compromised, it's unlikely that any of today's malware will ...

A Little History Over the years, we've had a fairly good run when it comes to viruses and malware. Much of that I can put down to the fact that we've always used IBM Notes as our mail system and it's less susceptible to hijacking. Of course, notes only slows down the distribution (and reduces the likelihood of specific mail calls being used).  It's not an effective anti-virus solution. Years ago, I used to run my anti-spam services on the mail server. There were two problems with this approach; The mail had already reached our systems before the first scan occurred - even if it was just spam, you're now using your bandwidth and your storage. You're running secondary processes on (or between) your mail server. It needs updates, maintenance etc.  Anti-Spam was the first service we moved offsite. For the past few years, we've been using the Symantec.Cloud anti-spam service. This was a very good service when it was a recent acquisition (Message...

I really want to direct your attention to the following article which appeared today; Malicious widget hacked millions of Web sites Parked sites hosted by Network Solutions spread malware since at least May http://www.networkworld.com/news/2010/081610-malicious-widget-hacked-millions-of.html?source=NWWNLE_nlt_security_2010-08-17 Essentially the article says that up to 5 million web sites have been serving up malware for at least the last three months - and nobody noticed. Even worse, it appears that nobody was safe; "The widget turned every infected domain into a drive-by attack site that launched the multi-exploit "Nuke" toolkit against users running Internet Explorer, Firefox, Chrome and Opera" Typically, the malware seems to only affect Windows PCs. Roll on Chromium OS! I'm not sure how much longer I can continue to support windows environments for anything other than games. There's also the fact that the cleanup hasn't been completed. "Although...