X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
This spring, AssetMetrix Research Labs released a survey regarding the installation of Microsoft Corp.’s Windows XP Service Pack 2 (SP2) in 251 North American corporations, consisting of more than 136,000 PCs. Of the companies using Windows XP, fewer than 25 percent of PCs were updated with SP2. In fact, survey analysis suggested that 40 percent of the companies using XP actively avoided the “upgrade.” When SP2 was released eight months ago, early adopters sent up a hue and cry about bad experiences. The grapevine did its job, and Microsoft held off on forcing a download of SP2 via its automatic updating features, until April 12, 2005. After that date, the only way to avoid the patch is to turn off the auto-update features and run all updates through a separate application. So, why did companies go out of their way to avoid a service pack that was designed to fix security flaws? Why would a company intentionally leave known security holes open? Were the problems that the service pack caused so insidious that IT staff decided to try to protect their networks and users in other ways? The survey leaves many questions unanswered, but one fact remains: A tremendous number of companies did not apply the fix. Perhaps an overview of some of the newest threats coming online will remind you that while patches may provide their own brand of irritation, compared to the ongoing attacks against your privacy, identity, and income, they may be worth it. SELLING THE PHARM People are now wise to phishing e-mail scams that impersonate banks to get personal information, such as credit card accounts and Social Security numbers. Thanks to constant media exposure and notification from at-risk companies to their customers, most people know to be wary of e-mails asking for confidential information. But what if you were to type in the URL of your bank, log-in to your account, transfer funds from one account to another to later find that the Web site you visited was spoofed and the site you visited was actually hosted by scamartistsunite.com? This act of site spoofing is called “pharming” and the technical description implies DNS poisoning. If the term “DNS poisoning” makes you feel sick, you are not alone. Pharming sends people to fake copies of legitimate Web sites, without any warning signs. This is accomplished by exploiting the DNS, or Domain Name System (or Service or Server). When you type a URL (Uniform Resource Locator) into a browser, the browser must translate that information. For instance, when you type “www.google.com” into the address bar, the browser must translate the address into an IP (Internet Protocol) address, which is a series of numbers like 123. 456. 78.9. In order to do the translation, the browser consults a DNS to get the IP address for the text address, then sends you to the requested Web site. Pharming attacks the translation process, substituting a different IP address for the text address. Thus, when you think you are visiting Google you are actually being sent to the Web site run by “Bizarro Google.” If the site has been made up to look like the requested site, any information you send will be collected by this impostor. If you immediately recognize that the site is not the one you wanted, it has probably attempted to infect your computer with some malware. Boiled down, the concept of “pharming” can be described as a fake Web site. There are several ways to exploit the DNS and this potential has long been well-known. According to the SANS Institute’s Internet Storm Center, attackers exploited a vulnerability in Symantec firewalls to redirect users typing in google.com, eBay.com and weather.com to three malicious sites. Symantec has issued a fix. The threat is growing and security companies are rushing to create a way to protect us. One way to keep from passing on private information to a compromised site is to check for the SSL (Secure Socket Layer) certificate. This is the small lock icon displayed in your browser when you are at a site that should be protected for confidential transactions. Also, be wary of any site that requests a Social Security number or other information that seems superfluous. Another way to catch on to a pharming scam is that the login process may not look the same as a legitimate site. NEW WAYS TO CATCH A COLD SpIM is a term used to describe the spread of viruses, worms and spam over instant messenger services. The IMlogic Threat Center reported a 271 percent increase in report incidents of IM-borne security threats. IM viruses work in the same way as a traditional virus, often enticing the user to open a file or click through to an infected Web site. Because IMs are much more difficult to protect at a server level, users should be wary. Another new threat: the cell phone virus. The first one to be widely reported attacks smart phones that use the Symbian operating system. Cabir and CommWarrior have already been documented. While downplayed because users must give permission for the files to be downloaded, consider that the epidemic “I Love You” virus also required permission-based downloads. SAFETY FIRST Avoiding the methods that have become and will become the way of doing business — online interaction — is ill-advised. Learning to be safe, be smart, and stay up-to-date will always be necessary. Moving to less vulnerable operating systems and browsers only gives a false sense of security. Firefox, the alternate browser many people enjoy for its functionality as well as its safety, has already issued several patches to plug security holes. Anything that becomes popular is a target for scammers and those with malicious intent. Security patches, updates, and fixes are issued to help with safety concerns, even if they occasionally bring a few of their own bugs along. All computer users who access the Internet and use e-mail should run a firewall, anti-virus, spam blockers, and any other protection that is available and keep it up-to-date. Network back-ups are another tool in the arsenal to combat the onslaught of threats. Make sure that all data is backed up and test your ability to restore from different points. In this way, if anything happens you should be able to turn back the clock. The lesson here is to stay alert and stay up-to-date. Catherine Sanders Reach is a member of the Law Technology News Editorial Advisory Board, and acting director of the American Bar Association’s Legal Technology Research Center.

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.