Section 10.11 .Net Shipped with Nimda

   



In June 2002, it was reported that the Korean language version of Microsoft's Visual Studio .Net product for developers contained the Nimda virus. Microsoft assures us that we should not worry because Nimda requires IE5.5 and Visual Studio .Net requires IE6.0 for infection, I mean, for use. How could such a thing happen? Microsoft hired a company to translate this product into Korean and that company allowed Nimda into its network. When Microsoft scanned the proposed CD-ROM for viruses, it scanned only the files on the CD-ROM that it expected to see, not all of the files that actually were on the CD-ROM.

Lessons to be learned:

  1. Rings of Security are mandatory for good security because no single ring is 100 percent effective. The one ring in this case study that was intended to scan for viruses clearly was incomplete. The rest of the lessons listed here are some of the rings that would have helped prevent this problem.

  2. Remote sites should have at least the same level of security your main network does if their data will be reintroduced into your network or otherwise distributed. These sites include vendors, consultants, and staff members' home systems, if the data on those systems is trusted.

  3. Organizations that distribute software or other critical data need to be very careful that it is free of viruses and Trojans. All files should be scanned for viruses if the product is intended to run on Windows.

  4. There should be a "build list" of files that should go out in a distribution and a software procedure that allows only these files to be distributed. We were doing this at Silicon Graphics and elsewhere 20 years ago to ensure that undesired files did not end up in a distribution. It is common practice at many well-run software houses.

  5. There should be a "sterile build procedure." The proposed source and data files should be specifically copied to a clean system to do the build. This clean system should be built from scratch and should be completely isolated from any network, with data transferred to it via CD-ROM, magnetic tape, or similar nonnetwork method, from which you can choose to copy only the wanted files. Make several master CD-ROMs and compare the finished product to the master, byte by byte, prior to shipment.

  6. Scan the proposed and finished product for viruses or other defects very carefully.

  7. Large organizations need multiple checks for defects, such as viruses. Any distribution should have been checked. Then, it should be rechecked by different people who use an independently developed procedure using independent software. In the case of virus scanning, different vendors' products should be used in each step.

  8. Have your security procedures audited, especially if your outfit is other than a small one. These problems would have been obvious to an experienced security consultant, and an audit report is hard to explain away.

  9. The more important the data and its connection to you, including your organization's reputation, the more painstaking and thorough the steps to protect it should be. Microsoft is asking everyone to trust its credit card and bank account data and the company's reputation to .Net. After hearing about this incident, will you?
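The build list from lesson 4 and the compare-against-master step from lesson 5, as an added example (not code from the book): it walks every file actually present on a staged image and checks it against a manifest of expected paths, using SHA-256 digests in place of a literal byte-by-byte comparison. The manifest format, function names and sample files are assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def walk_tree(root):
    """Hash every file actually present under root: relative path -> SHA-256."""
    root = Path(root)
    # read_bytes() loads each file whole; stream in chunks for very large files.
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in root.rglob("*") if p.is_file()}

def audit_image(root, build_list):
    """Compare a staged image with the build list (path -> expected SHA-256).

    Enumerates what is on the media, not what is expected to be there, so a
    file absent from the build list is reported instead of silently skipped.
    """
    actual = walk_tree(root)
    return {
        "unexpected": sorted(set(actual) - set(build_list)),
        "missing": sorted(set(build_list) - set(actual)),
        "modified": sorted(p for p in actual
                           if p in build_list and actual[p] != build_list[p]),
    }

def demo():
    """Constructed sample: an image with one stray, one altered, one missing file."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "help").mkdir()
        (root / "setup.exe").write_bytes(b"installer")
        (root / "help" / "readme.txt").write_bytes(b"translated docs")
        build_list = walk_tree(root)  # manifest taken from the clean build
        build_list["license.txt"] = hashlib.sha256(b"eula").hexdigest()
        (root / "help" / "readme.txt").write_bytes(b"translated docs, altered")
        (root / "help" / "stray.eml").write_bytes(b"not on the build list")
        return audit_image(root, build_list)

if __name__ == "__main__":
    report = demo()
    for kind, paths in report.items():
        print(f"{kind}: {paths}")
    print("RELEASE BLOCKED" if any(report.values()) else "image matches build list")
```

Any non-empty category should stop the release; the "unexpected" list is also the set of files a scanner driven only by the expected-file list would never have opened.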



   


Real World Linux Security Prentice Hall Ptr Open Source Technology Series
Year: 2002
Pages: 260
