Comments on: Maples don’t get Dutch Elm Disease

By: John Wirtz

John Wirtz — Wed, 23 Jan 2008 01:34:17 +0000

I read a security bulletin for then SBC a few years ago where they talked about the greatest threat to the company network. In essence they said that the greatest source of malware and virus threats didn’t come from outside the company, nor through the firewall via e-mail or web surfing, but from people bringing their own infected disks in and popping them into their computers. They put something “cool” on their workstation. Someone sees it and they want it so things start spreading around the office. Remarkably the internal e-mail isn’t filtered through the firewall, so the malware gets spread to other offices and departments by “friends” and within a month there is a major company wide problem.

The lesson; you can’t neglect the creamy nugat center and only concentrate on the crusty exterior. That creamy center is chock full of nuts.

By: Keith McMillan

Keith McMillan — Tue, 22 Jan 2008 19:41:41 +0000

It’s been a time-honored tradition that “you can’t secure everything” and you should focus on the “hard, crusty exterior” of your networks rather than the “soft, chewy interior”.

Unfortunately, you’re correct, and many security practitioners (or at least the smart ones) now realize that they’re going to face at least as much of a threat from inside the organization as outside.

Some of the new intrusion prevention systems may do something to help with these sorts of issues, but the jury’s really out on those.

By: Peter H. Coffin

Peter H. Coffin — Tue, 22 Jan 2008 17:28:00 +0000

IMHO, a big step would be convincing people that that something that (for example) puts little sheep walking along the edges of their windows may in fact be doing something else as well. Another big one would be convincing organizations to be no less suspicious of their internal machines as they are of the ones outside their networks. If there’s a port listening, something will shovel bad data at it eventually.