By any definition, the month of September was not a good one for America. First, there was the devastating attack by terrorists on the World Trade Center and the Pentagon. Then, a little worm named Nimda attacked and wreaked havoc on our computer systems. It was enough to make us all want to go back to simpler times when the worst thing we thought a worm could do was ruin an apple.
So, what happened and where was all of our splendid technology during this time. How could the very technology that made us so mobile and connected and modern turn on us so badly? Wasn't technology supposed to make life easier, not more difficult? Yes, the technology we have come to rely upon was supposed to make our lives easier and it performed its job admirably in spite of the horror of the last month.
Thanks to our communication technology, Americans were informed more quickly and more fully of the horror of September 11. Major networks were able to band together and reportedly raise over $115 million in a very short time to aid the victims of the September 11 attack. Due to our communication and eCommerce capabilities, the American Red Cross has raised over $118 million to aid in the relief effort, not to mention what other relief organizations have raised. The list of agencies online, along with the amount raised, is staggering.
Thanks to sophisticated technology, lives were saved that otherwise would not have been. Even such low technology items as the equipment used to transport supplies and replacement equipment to businesses or remove debris have played a major part in beginning the recovery process.
Despite the fact that the Nimda worm was spread through our modern Internet around the world, there is even a positive point here. While the antivirus programs were not initially able to catch and stop the worm, within a short time, the major players in the industry were able to help isolate and provide a mechanism to stop the worm's spread.
But as with everything humanity manages to produce, there is definitely a potential for misuse of our technological blessings and people have found that potential in the past month. That's what this article is really about. We want to take a moment and reiterate what we’ve discussed over the past year, since many of those lessons seem to be hitting home all at once.
Scams abound everywhere.
No doubt there are many generous people in the United States and abroad. If nothing else, the ability to raise over $200 million in less than 10 days after a disaster proves that. It seems that people are always willing to help others when the need is there.
Unfortunately, unscrupulous operators use that strength of human character and sometimes far too much money is lost before they are stopped. Just one day after the September 11 attack, reports were coming in to Scambusters.com about spammers sending emails calling for financial support for the victims of the disaster. These calls for assistance advised good people to go to the spammers website to donate money to the Red Cross. In reality, many of these sites were places where the donations were diverted to the spammers or, at the very least, the credit card numbers were stolen for later use.
Scambusters response was the same now as it has always been - Do not respond to email solicitations for donations. No reputable charity would send out such requests to unknown parties.
Here are a few tips from the Better Business Bureau to protect yourself:
- Beware of excessive pressure for on-the-spot donations.
- Don't give cash. Give a check or money order.
- Ask how much of the donation will go for the stated purpose instead of other
programs or administrative costs.
- Check reports on national charities at www.give.org.
- Don't give your credit card number.
- Ask for written information on the charities mission and how it uses donations.
Even if it isn't good business for the charities to be open with their finances,
charities are required by law to provide certain financial information when
You can also check on charities at several sites, including www.guidestar.org
. As we have said before, give, but make sure the right people get what you give.
The flu season has already started.
Ok, so Internet viruses aren't exactly the same as the flu. They can be worse. The number of people affected by a full-scale attack like the one we saw with Nimda can be staggering and the economic cost in lost productivity and disaster recovery can be just as devastating.
Internet viruses and worms are like their biological counterparts in that they are always finding new ways to beat the antivirus programs. The Nimda worm was especially bad because it was able to actually change web pages and get to a system by a mechanism other than email. The unfortunate part is there was no antivirus program on the market that could detect and stop the worm's initial attack. F-secure's antivirus program came close by identifying it, but it took time to develop the vaccination.
The only protection, short of isolation, is to obtain antivirus programs, but this isn't enough. Make sure you update the program's virus definitions regularly - at least twice a month, but weekly is better. In periods where there is a worm like Nimda running around, downloading update daily, is a god idea. Run a full scan of your system (including all files) at least weekly or more often if you are constantly connected to the Internet. We guarantee the first time you catch and stop one of these nasty bugs, you’ll forget the inconvenience it caused.
As one CPA firm client recently put it, "I want to thank you for advising us to update our virus definitions. We did and found several viruses in our systems. We can't remember the name but they were very bad viruses that could have destroyed our systems."
Don't slouch on backups
If we’d told you a month ago terrorists would blow up the home of major players in the United States' economy, you would have laughed at us. We would have laughed at us too. What happened on September 11, 2001 is the kind of thing disaster planners tell us we should plan for, but never really believe we will experience.
Thanks to those disaster planners, while we did experience a major disruption in our financial markets for a short period of time after the September 11 attack, it was not a mortal blow. All the major companies were able to access their data and continue business when the markets opened the following Monday. The people who were diligent in making and implementing disaster recovery strategies are the unsung heroes in this story because their work kept millions from losing their life savings.
Whether you’re small or large, don't neglect the fundamentals of risk management. Make sure you safeguard your data with regular backups stored off-site. Don't stop there. Have plans in place on how to quickly replace equipment, office space, communications and other vital business assets. September 11 showed us just how quickly a good day could turn disastrous.
This month's article hasn't brought new technology to your attention. It hasn't even told you much you shouldn't already know from our articles of the past year, but sometimes, it pays to stop and reflect on what we’ve learned from a particular event in human history. September was a good reminder that vulnerabilities exist in the best of circumstances and we need to prepare for them. It also proves that there are those who will take the most tragic of circumstances and try to profit illicitly from them.
Take a look at your vulnerabilities and your plans to address them. If you can't find any, look again or give us a call and let us help you prepare so small glitches don't turn into major or fatal disasters.
Until next month, have a great October and God bless America!