Saturday, December 30, 2006

Indian Pharmaceutical Research Company Without AV

Via Indiatimes.com -

KOLKATA: Consider this. Having discovered a virus in its mail system, a mid-sized Indian pharmaceutical research company downloaded a free antivirus software from the Internet. It cleaned the viruses and apparently everything was fine.

Until it discovered that sensitive information was being passed off to its competitors. “We discovered that the antivirus had, in fact, silently planted a spyware that sent every copy of emails to another address from where it was being passed off to its competitors. Even antivirus softwares may not be safe!” Ironport Systems’ regional director for India & Saarc Ambarish Deshpande told ET.





This story still confuses me...why are we even talking about the AV software, which most likely was fake or not powerful enough to remove the infection?

Anyone in the IT security world knows that you can't trust an AV product to remove all elements of an infection. You think it got all the bad files, but did it really? Who knows...so IMHO, the security integrity of the server is now gone. How do we get it back? Well, in this case, nothing short of a complete OS rebuild will work. The server was infected with all types of stuff before AV was installed, enough said.

Plus, it smells of corporate espionage. The server is not to be trusted on the network, until proven otherwise.

But let’s back up a bit. Shouldn't we ask why a mid-sized pharmaceutical research company is running without anti-virus? I mean, seriously! How long had they been infected before finding the problem? A long time, I can tell you that.

And now all the IndiaTimes wants to talk about is the insufficient AV program that was downloaded and installed. IMHO the fault should fall directly on the IT staff for several reasons.

It is hard to worry about competitors if you are busy creating a PR nightmare for yourself.
