|
contents | technologies | |||||||
| Networks and data protection from blackworm damage ForeScout Technologies, the leading provider of clientless Network Access Control (NAC) and policy enforcement solutions, today announced that its CounterACT appliance has pro-actively detected and automatically blocked the propagation of the CME-24/BlackWorm and its variants throughout its customers' networks. In addition, CounterACT's network policy enforcement module has ensured that all network users' anti-virus software is updated with the latest definitions to prevent data loss and propagation of this file-destroying worm. According to several network security and research sources, hundreds of thousands of computers are believed to be infected worldwide. This variant of the worm is said to be particularly harmful because it is designed to permanently delete the most common file types such as ".doc", ".xls", ".pdf", ".zip" and a number of others from infected endpoints beginning on February 3, 2006. The malicious code is distributed as an email attachment, and once opened, propagates itself throughout the network by searching for any devices and resources accessible by the infected users. "While the BlackWorm vulnerability gives infected users a window of opportunity to update anti-virus signatures and mitigate the threat before it begins to destroy data, it is highly probable that the next version or variant will not be as forgiving, " said Ken Kousky, CEO of IP3, Inc. "Enterprise networks must have automated threat detection and mitigation in place in order to effectively contain and combat 'zero-day' threats, as well as a network policy enforcement system that ensures all connected devices are compliant and up-to-date." CounterACT's patented intrusion prevention methodology prevents the worm from propagating itself throughout the network and is the only solution that provides accurate and automated protection against "zero-day" threats without relying on signatures or pattern files of any kind. The appliance detects the worm as it attempts to connect to other hosts, verifies malicious nature of the code, and blocks the network connection of the infected device to prevent any further propagation. In addition, the network policy enforcement feature ensures that users' anti-virus definitions are up to date to prevent infection when the worm is received through email. "ForeScout has always been committed to ensuring the safety of our customers' networks, without requiring them to constantly update their defenses with new signature/pattern files, " said Oded Comay, chief technology officer at ForeScout Technologies. "To CounterACT, this threat is no different from the variety of other network worms we have detected and blocked at the first instance. The only distinction with Black Worm is its maliciousness, by attempting to destroy files most commonly associated with business productivity. ForeScout customers can rest assured that when this worm comes to life, CounterACT will instantly stop its propagation and prevent further loss of data." write your comments about the article :: © 2006 Networking News :: home page |