Bugbear. Klez. Sobig -- that's the one that appears to come from Microsoft.com. This (northern) summer, the virus hits just keep coming. It's as if, for the past month, the virus world has been softening us up for Microsoft Corp.'s announcement last week that it's getting into the antivirus business.
Will Microsoft's arrival really help? Probably not. Antivirus subscriptions make for a steady revenue stream, and Microsoft is big on steady revenue streams these days. But the company isn't likely to add much new in the line of virus-protection technology.
Besides, except for software security holes, the real virus problem today isn't about technology. It's about people.
People who get sucked in by interesting e-mail subject lines. People who click to open mystery attachments. People who visit Web sites or download files that they shouldn't. People who work their way around firewalls and virus shields. And yes, people who fail to keep firewalls and virus shields maintained.
Virus writers use "social engineering" -- clever psychological tricks -- to help their payloads get through. They leverage human curiosity, vanity, fear and foolishness to defeat even the best antivirus technology.
You've got the technology you need. Now, in this long, hot summer of virus attacks, it's the perfect time to make sure you have a handle on the people part of the problem, too.
- Start by making sure antivirus software is actually running on all your PCs. You probably can't afford a machine-by-machine sweep right now. But make sure every time a support tech touches a PC, that tech checks its antivirus logs, confirms that virus scans and definition downloads are running on schedule, and verifies that settings are correct.
- Remember, users are clever. If antivirus software gets in the way, they'll turn it off or work around it -- and then tell they're co-workers how they did it. So if you spot a problem machine with scans turned off or settings changed, there's a good chance that nearby PCs will be that way too.
- Keep track of your biggest problem users -- both the clever ones who change settings and the dumb ones who open every attachment. Talk with them. Explain the problem. Ask why they break the rules. They may show you legitimate issues that you can help with. You may persuade them to play it safer. In any case, you'll want to recheck their PCs often.
- Leverage news reports about virus outbreaks. When you see one, send a short message to your users -- say, six or eight lines -- telling them that "CNN is reporting" or "the local newspaper has a story" about the virus. Remind them once again to be careful about e-mail attachments, downloaded files and unfamiliar Web sites. Give them a few details, but be sure to keep it brief. It's really just reinforcement, not a full explanation, and users have short attention spans.
- Go hunting for the ways users find to circumvent your antivirus systems. Home computers that connect to company systems, Web mail, unauthorized modems and wireless hubs, and nonstandard Internet applications are the usual culprits. But don't limit yourself to that short list. Remember, users are creative -- and they may think what they're doing is safe because you've never told them not to do it.
- Finally, do a little social engineering of your own. Practice looking alarmed in a mirror, then trot that expression out when you discover dangerous user habits. Express concern about the work they'll lose, not just the safety of your systems. Say "We need to be careful," not just "Don't ever do that!" Tell them their ways around the firewall are clever, but very dangerous. Flatter them, cajole them, guilt them -- but convince them.
If that sounds a little silly, well, maybe it is. But it's no sillier than waiting for Microsoft to save you from Sobig, Bugbear and Klez.