Tuesday, November 21, 2006

A Zero-Day Virus Attack

Earlier this month a part of our University was hit with a zero-day virus attack. I had not heard of the phrase zero-day before now and suspect most people only learn about the concept when one occurs at their place of work.

Zero-day refers to a class of computer threats that exploit undisclosed or unpatched application vulnerabilities. Zero-day attacks can be considered extremely dangerous because they take advantage of security holes for which no fix is yet available: they are difficult to defend against, are often effective even against well-secured networks, and can remain undetected after they are launched.

A Zero-day Emergency Response Team (ZERT) is a group of software engineers who work to release non-vendor patches for zero-day exploits. McAfee and Symantec deployed ZERT teams to the campus. It took 48 hours to identify the virus and release a DAT file that patched and inoculated against the virus.

When the smoke cleared, over 1900 desktops and 10 servers were infected with the mass-mailing virus referred to as W32/Nuwar or W32/Mixor. It damaged Microsoft Office applications, including Word and Excel. Fortunately, our crisis management strategies worked, or the damage would have been much more significant.

1 comment:

  1. Anonymous, 1:08 AM

     Close all the GLP so that virus replication can be reduced.
