Microsoft: Be secure, mind your drives

Threats such as Conficker, prove enterprises vulnerable due to lack of guidelines around use of removable storage and shared resources, says global security exec.
Written by Vivian Yeo, Contributor on

SINGAPORE--Businesses need to establish guidelines governing the use of removable storage devices and shared network resources to better protect their corporate networks, a Microsoft executive has urged.

This was evident in the case of two worms that troubled enterprises in the first half of 2009, Jose Campos, Microsoft's director for Trustworthy Computing, said in a briefing here Thursday. Initiated by Microsoft Chairman Bill Gates in 2002, Trustworthy Computing aims to build better security into the software giant's products.

According to Redmond's latest Security Intelligence Report, the top threats for enterprises between January and June this year were Conficker and Taterf. Some Conficker variants, explained Campos, had the ability to spread via shared network resources and removable drives.

This was probably the case in Malaysia, where Conficker was the top threat recorded during the six-month period, he noted. Microsoft's report indicated that over 97,000 machines in the country were infected by the Conficker family during the first six months of 2009.

"[The lack of] guidelines around removable devices may be the cause of the high numbers," Campos said.

In addition, Taterf, which attempted to steal login credentials of popular massively multiplayer online role-playing games (MMORPG), spread via mapped drives. Although it targeted gamers, many office workers do play games while at work, he noted, adding that Korea was one market "heavily affected" by the worm.

To prevent enterprises from being easy target for such threats, policies that determine, for example, who in the organization can use removable storage media such as USB drives and the extent to which these devices can be used, should be developed, said Campos. Businesses must also be judicious of the ports used to carry data traffic between machines on the corporate network and the Internet, he added.

Editorial standards