12345

3/10/2011

Dangerousness of spreading malicious file through ESM

1. Introduction

Security managers are busy due to notices of being spread malicious file through ESM(Enterprise Systems Management) these days.
Concurrences with that malicious file threats have been disclosed as a real with various cases of severe damage, core data loss and severe damage after infected malicious file are topic in media; therefore, it can cause enormous damage in financially.

2. Dangerousness of infected ESM

Most of the companies adopted various ESMs with its convenience. To use safely, various security policies are set and let administrators and users use conveniently.


What if security threats emerged with the inattention of security manager? What if these convenient functions are being used as a malicious way? It is an extreme case; however, nobody can guarantee that it won't be happened.

Assume that ESM server has been hacked and uploaded malicious file for "destroy HDD". All agents will be infected and HDDs of each PC will be destroyed.


Needless to say that important or even essential file and information can be destroyed, and those won't be recovered. Not only for working as usual, financial damage and image of that company will go down.

Specific purposed malicious files are designed for these security threats, and a lot of cases had been reported.

3. How to prevent

What can security manager do for threats? First of all we distribute nProtect MBR Guard v1.0 against MBR destroy.


To use smartphone safely from security threats of these malicious applications, we recommend following tips "Security management tips" for general users.

Security management tips

1. Set policy for ESM server operating in another network
2. Keep updates the latest patch.
3. Use mobile anti-virus SW to check downloaded application before using it.
4. Change password strong and regularly.
5. Block accessing server from unapproved user.
6. Set backup policy for important data.

INCA Internet (Security Response Center / Emergency Response Team) runs responding system against various security threats.

No comments:

Post a Comment