CIS News: Year of the Worm

Year of the Worm

Posted on January 27, 2004 01:39 PM

IT Security Memo from Brown's Director of IT Security, Connie Sadler:
E-mail has never been a totally secure method of transmitting information, and every day this becomes more obvious to us all. We receive e-mail from unknown senders. We receive e-mail from senders who "appear" to be someone we know, but the email was actually "spoofed". We receive strange attachments from what appear to be reliable sources.

The possible scenarios go on and on. The truth is: "hackers" and "spammers" are more organized than ever. They actually operate as development teams! We need to be very careful to confirm the authenticity of any sender of an attachment - even if we think we know the sender. If we weren't expecting anything, we shouldn't open the file until we check with the sender to see if the attachment is genuine. This may seem extreme, but it's really the only way to fully protect yourself. An attachment can also contain executable content while "appearing" to be a harmless text file.

If in doubt about any e-mail you receive, contact your DCC, the sender of the message, or the Help Desk (3-HELP) before you take a chance. The "payloads" associated with these viruses and worms will only get worse. We fully expect that on a routine basis, your files could all be erased, or your keystrokes could be captured for months at a time, to be "played back" to someone else, who may or may not be known to you. Please be safe in 2004, which has been labeled by some experts as the "Year of the Worm".

[an error occurred while processing this directive]
CIS News « New for Semester 2 \| Main \| Your own Virtual Private Network » Year of the Worm Posted on January 27, 2004 01:39 PM IT Security Memo from Brown's Director of IT Security, Connie Sadler: E-mail has never been a totally secure method of transmitting information, and every day this becomes more obvious to us all. We receive e-mail from unknown senders. We receive e-mail from senders who "appear" to be someone we know, but the email was actually "spoofed". We receive strange attachments from what appear to be reliable sources. The possible scenarios go on and on. The truth is: "hackers" and "spammers" are more organized than ever. They actually operate as development teams! We need to be very careful to confirm the authenticity of any sender of an attachment - even if we think we know the sender. If we weren't expecting anything, we shouldn't open the file until we check with the sender to see if the attachment is genuine. This may seem extreme, but it's really the only way to fully protect yourself. An attachment can also contain executable content while "appearing" to be a harmless text file. If in doubt about any e-mail you receive, contact your DCC, the sender of the message, or the Help Desk (3-HELP) before you take a chance. The "payloads" associated with these viruses and worms will only get worse. We fully expect that on a routine basis, your files could all be erased, or your keystrokes could be captured for months at a time, to be "played back" to someone else, who may or may not be known to you. Please be safe in 2004, which has been labeled by some experts as the "Year of the Worm".
[an error occurred while processing this directive]