Microsoft one of many without Trojan protection

Many believe the weekend's trojan horse attack on Microsoft was a tiny partof a huge epidemic in lax network security. IT companies are being warned to update their systems on a daily basis.

The weekend's trojan horse attack on Microsoft was a tiny part of a huge epidemic in lax network security, says IT security exec Anna Johnson.

AUSTRALIA (ZDNet Australia) - In fact, says the director of Melbourne security consultancy Shake Communications, the software giant was relatively lucky the trojan only resided on its servers for a reported six weeks before being discovered.

Companies that have less sophisticated security mechanisms in place often house similar worms indefinitely on their networks, without ever detecting them, she said.

"Microsoft just happened to find out about it."

A trojan horse program is a malicious program disguised as a common application - such as a joke, a game, or an applet - that infiltrates a computer system or network via e-mail. Microsoft became the latest high-profile victim of trojan attack last week, when it discovered a hacker had used the "QAZ" trojan to view confidential company files.

Johnson said six weeks inside Microsoft's servers would be ample time for any good hacker to find and view the data they wanted.

"That's a long time to get a lot of stuff," she said. Johnson believes most hackers can hit their bull's eye within minutes.

Investigations in the US are still under way, so the software company says it is not yet able to disclose details on what data was compromised by the attack. However, a Microsoft spokesperson told ZDNet it was possible the hacker was able to view source code related to some future company product initiatives. No source code was tampered with in any way, they said.

Reports say the hacker used the trojan to view key blueprints and source code related to Microsoft's widely publicised .Net initiative.

Johnson used the Microsoft attack as a warning for companies to ensure their security systems are installed correctly and updated on a daily basis.

She said anti-virus firewalls and other software security systems were "useless" on their own as protection against attacks - trojan or otherwise.

She said companies that set up firewalls without an adequate level of expertise risked leaving "ports" open to hackers, even once the firewall was activated. Ports are those channels of communication - such as email, file transfer, or Website viewing - that connect an IT system to a network.

"If you leave a port open, then a firewall is as useless as having your back door open," Johnson said. "A lot of companies don't know how to configure their firewalls correctly."

"You can't just buy a product and think you've got it covered."

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All