Experts warn companies to patch against Rinbot worm
CNN taken offline as Rinbot strikes at Symantec anti-virus applications.
Experts have savaged companies for not applying patches to vulnerable security applications despite being available for six months.
The Rinbot virus has spread around the globe infected computer systems by using flaws in Symantec anti-virus products with one of the most high-profile victims of the virus so far being CNN. The news organisation confirmed that the malware took its systems offline on Thursday.
According to reports from CNN, a hacker with a grudge against Symantec is said to be responsible for distributing the code. The code then spreads within a network turning computers into part of a botnet.
But experts said that there were no excuses for businesses not to get systems patched against these types of infections earlier.
"The fact that a patch has been available for this vulnerability for over six months demonstrates that businesses have yet to get to grips with ensuring that all their IT systems have the latest protection," said Alan Bentley, Managing Director of PatchLink EMEA.
"Considering that computer hackers are a continuous threat to businesses, it is quite astonishing that this hole has been left unprotected for so long."
Bentley said that once a security patch was announced by a security vendor this acted "like a red rag to a bull".
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Security hackers now have the opportunity to reverse engineer the security code that has been published, which enables then to write a computer virus to exploit the hole in the network," he said.
Bentley added that any organisation holding consumer data will need to apply the relevant security patch to mitigate this risk. "They can simply not ignore it - if a bank or retail organisation's network is found to have been exploited as a result of not patching against a known exploit, its consumer confidence will be profoundly damaged," he said.
He said that for compliance reasons, companies will need to prove that the application of this patch was successful, "in order to ensure that they are not exposed to potential legal ramifications and damaged reputation, if their network is ever infiltrated."
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.