Compartmentalize your network to improve security
Malware is on its way toward "zero-day" threats—the time between the announcement of a vulnerability and the implementation of its exploit is shrinking to mere days, even hours. For example, in the case of SQL Slammer, the time from published vulnerability to exploit was half a year; but for MS-Blast, that period was a single month. With dwindling timeframes, there's less chance of a patch being released or deployed before the exploit appears.
As if that weren’t alarming enough, recent threats have shown an unprecedented compression of transmission time. Recently, MyDoom became the fastest-spreading malware threat ever—possibly accounting for as much as 30 percent of all e-mail traffic at its peak. Couple the shrinking vulnerability-to-exploit period with lightning-fast transmission, and you have the greatest worry for many of us in IT: an immensely destructive threat that spreads unchecked, and for which there are no fixes—until it's too late.
By Frederick Felman at Enterprise Systems.
[ Read more ]
- Review: Viruses Revealed (28 April 2003)