RE: Malware season?

Tony

With respect, the Y2K issue was real, and line of business managers recognized several years ahead of time that remediation was an absolute requirement. The reason why "nothing happened" was because there was a global effort to correct the various Y2K program problems before, not after, the big day. And there were scattered failures around the world. As I recall one of them was the Lahore, Pakistan Stock Exchange.

Y2K was NOT hype. It was a vivid demonstration for effective risk management.

As an interesting sidelight there was a similar issue with the GPS satellites. I have forgotten the details but it had something to do with a week counter that rolled over at week #1023. Fortunately almost all GPS receivers had been upgrades to handle the event correctly.

What is the lesson? We must depend on careful risk assessments, not guesswork, when we plan risk mitigation measures, and we should try not to spend money putting "iron doors in paper walls!"

Regards Bob Jacobson

Robert V. Jacobson CISSP
International Security Technology, Inc.
99 Park Avenue 11th Floor
New York, NY 10016-1501
 (212) 557-0900 Cell (917) 751-5190
www.ist-usa.com

-----Original Message-----
From: Bradley, Tony [mailto:tony.bradley@eds.com] Sent: Friday, March 07, 2003 1:51 PM
To: 'focus-virus@securityfocus.com'
Subject: RE: Malware season?

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

<< Is it just my imagination? Do any of you seasoned professionals notice patterns with the release of new malware? Does it occur more during certain times of the year or in certain political climates or around certain holidays, etc.? >>

I think I would agree that it seems to come in waves, but I don't know if I have noticed it occurring during any specific time of year or political climate.

It seems that there is usually heightened focus on preparation by the information security professionals around holidays and during heightened political tension. We spend a lot of time waiting for the other shoe to drop and (thankfully) preparing for nothing. Its sort of like all of the hype around Y2K and everyone sitting watching the clock waiting for all of the computers of the world to shut down at midnight January 1, 2000 and then nothing happening.

There is a lot of talk lately about cyber attacks as a military / terrorist tool. The United States government has drawn up rules of engagement so to speak for how and when to conduct cyber warfare. So, I would expect that during war or heightened political tension we may see increases in attacks.

Just my $.02

Tony Bradley, CISSP, MCSE2k, MCSA, MCP, A+ About.com Guide for Internet/Network Security http://netsecurity.about.com Received on Mon Mar 10 12:25:47 2003