Inexperienced Net users most at risk.
Sophos is warning IT managers about the potential risks of
unauthorised web access. Uncontrolled Internet surfing, which may
violate company security policies, has recently increased
dramatically as users hit websites for information on the Monica
Lewinsky story.
Virus developers are known to lay traps for unsuspecting users
and target areas which will allow their viruses to spread
particularly quickly. News breaking on the Internet which attracts
widespread interest can often lead to lapses in company security
measures, such as punching holes in firewalls to allow access to
such sites. The CIH virus was spread in just this way during the
World Cup.
"The most successful viruses are those which don't reveal
themselves until it is too late," said Paul Ducklin, head of
research at Sophos. "The best policy to avoid consequences of 'Net
fests' such as the Lewinsky story, is to ensure security policies
are not ignored. Companies shouldn't tolerate relaxation of Net
rules just because all their staff suddenly want to surf the
web."
"Inexperienced users should be equally vigilant," continued
Ducklin. "Many users may not know the exact addresses for these
'hot' websites and so conduct searches. They may end up drifting to
all sorts of threatening sites. At times like these, security
policies should be strict, not lax."
In response to potential problems, Sophos has strengthened its
24-hour support team and has placed more staff on immediate
standby.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.