No Trojan Horse – It’s a Plastic Giraffe.

Trend Micro are, I see, giving away plastic safari animals to their re-seller channel. Hardly a day passes without another plastic giraffe appearing in the post as part of a wacky sales incentive scheme.

I’m told, that once you have collected enough plastic animals and palm trees in a jungle scheme, you have to take a digital photo of the collection and then send it in to see if you have won the safari holiday at the end of the exercise.

Quite what the connection is between anti-virus and plastic animals, I don’t quite know but to be honest, I did rather prefer the bright yellow Mont Blanc pens that Symantec were once handing out. You can’t beat style. Plastic giraffe or Mont Blanc pen, it’s a tough choice for some!

Staying with security vendors, IDC has released its latest report on the shape of the industry. Symantec, Trend Micro and Network Associates are respectively first, second and third in turnover and the research company has identified emerging ‘Blended threats’ as the most immediate threat facing all of us.

“A blended threat”, according to IDC, “is a complex virus or worm program that targets multiple weaknesses in computer networks and is capable of doing damage in multiple ways. · Unlike traditional viruses, which rely on the user to spread the infected files, blended threats are automated and are always scanning the Internet and local networks for vulnerabilities and other computers to infect; that is, they spread without user interaction”.

If recent logs from my Norton ‘Personal Firewall’ are any measure of the threat, then it’s becoming observably worse on an almost quarterly basis. I’m not seeing a single Internet session, through BT Internet from home – dial-up – that doesn’t have some apparent port-scan exploit from “somewhere out there”.

It is interesting that IDC dwells on the drive towards the bigger picture of ‘Secure Content Management’, (SCM) the integration of policies, hardware and software to provide ‘overall protection’, rather than the piecemeal approach that the majority of companies have in place today.

A second prediction concerns mobile security, a topic I have been bashing-on-about for months now. As the Internet is freed from its cabled connection to a PC and becomes increasingly pervasive over wireless networks into multiple device types, the same threats that plagued the desktop PC will simply move on and up into the wireless space, with an potential for serious damage and disruption.

Unfortunately, I see complacency creeping into business all over again. It’s been almost twelve months since I did my ‘End of the World’ ‘turn’ about Code Red on the BBC and since then and Nimda, we haven’t had a serious meltdown. This is of course good news for the SCM vendors, because it implies that sales of anti-virus software are healthy but at the same time, apart from a few scares, we haven’t seen anything really nasty appear on the scale of Code Red. Once people think that they are protected or that the threat is exaggerated is the point when vulnerability starts all over again and we only have to look at the renewed incidence of HIV in the real world.

Much like the risk of an earthquake in San Francisco or Tokyo, we are overdue for another malicious code outbreak and so, if you haven’t got your SCM policy in place and your anti-virus definitions aren’t up to date, this is probably a good time to do something about it.

I can’t promise you a Mont Blanc pen or a plastic giraffe but peace of mind is worth much more.


Popular posts from this blog

Civilisational Data Mining

The Nature of Nurture?