Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Zombie Byte: Symptoms, reanimation and cure

Aravindan Anandan, Consulting Systems Engineer, Asia Pacific, Barracuda Networks | Feb. 29, 2016
Enterprises must protect against invisible threats that patiently wait to attack. Once infected, this forgotten data can ‘eat’ efficiency and create vulnerabilities.

So how does zombie data reanimate and multiply?

In a corporate setting, employees use PST files as a convenient filing system in Outlook during their tenure, and back PST files on hard drives daily. When the employee leaves, the IT Department, during the handover process, duplicates both the daily back-up and the latest packaged version when the employee leaves. For continuity, new employees may be given replicas of former employee's emails - thereby creating at least four copies of each PST file.

Infested with irrelevant data, the new zombie computer continues to store PST files on the corporate networks. Prone to corruption, the zombie computers and PST files can be used by hackers to breach security and carry out malicious attacks. In a corporate world where data is the lifeblood, this can constitute a fatal threat.

Economic Impacts of A 'Zombie Attack'

A 2014 study conducted by the Ponemon Institute found that the average cost of a data breach in 2014 exceeded US$5.85 million. That same year, Gartner analysts predicted a worldwide spending on information security reaching US$71.1 billion with the data loss prevention segment recording the fastest growth at 18.9 percent and security spending growing a further 8.2 percent in 2015 to US$76.9 billion. The increasing frequency and complexity of cyber-attacks makes security the highest ranking IT concern for Chief Information Officers; with more than half (51%) of CIOs surveyed voting security planning as the last item to receive budget cuts in 2015.

The study also showed that as many as 90 percent of malware-infected computers in Singapore are located in the Central Business District (CBD), making the city a target for hackers interested in getting hold of valuable financial information. Additionally, studies have shown that an advanced hacker phishes out data for an average 229 days before being detected.

While these statistics do not singularly identify the direct impacts of a zombie attack, they paint a grim picture should zombie data be allowed to breed in one's IT infrastructure. Undeniably, the extent of a botnet threat is severe as they are constantly evolving to outwit security defenses; representing a fundamental threat to the operational capabilities and economic stability of an organization.

A Simple Cure

The solution luckily is rather straightforward and it starts with the organization acknowledging the existence of such data in their network and deploying the required tools to intuitively find and eliminate it. Tackling the first issue of storage, PST files can be reduced to redundancy with a modern cloud-based archiving solution. A cloud-based solution is also easily managed, allowing tracking commands to be customized and activated upon request. Effective cloud-based solutions tackle these zombie files by deploying sequences to accurately classify the owners of orphaned or zombie PST files and allow the IT team to migrate, manage and eliminate them.  Often, the data becomes too tedious and too large to comb through but with management solutions, the files are probed on a broad, automated basis and provide the mandatory details, allowing for retention decisions to be made.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.