I spoke to a large, multinational client the other day that is in the middle of a malicious hacking attack. A large percentage of the company's workstation computers are compromised. The attackers have access to nearly every server in the global environment. Executive email is being read, confidential data is no longer confidential, and state secrets are no longer secret.
Chinese hackers? We got 'em. Russian hackers? Check! Spearfishing malformed PDFs? Naturally. Socially engineered Trojans all over the place? You betcha! Accounting department's banking system compromised? Of course -- it wouldn't be a party without it.
Here's the kicker: In the middle of the call, I actually forgot which client I was talking to -- because every company I've worked with over the past two years is in the same situation.
[ Juniper and Symantec are investigating widespread cyber espionage that has hit dozens of technology companies. | InfoWorld's Roger Grimes explains how to stop data leaks in an enlightening 30-minute webcast, Data Loss Prevention, which covers the tools and techniques used by experienced security pros. ]
Is it because of my job that I'm the only person aware of companies in these types of dire straits? It's not only large firms -- it's nearly every enterprise I'm aware of. Also, it goes beyond the businesses sector; my city is infected and has been nearly shut down. It's also hit my friend's computer -- an iMac. It's the same story with my mom's computer and my neighbor's computer. It makes me wonder: Is anybody not exploited?
My (virtual) hat is off to the hackers. They've managed to infect and exploit the world, and it doesn't appear that people care. It's so bad that this passes for life as usual. It's like learning to accept Mother Nature's natural disasters as inevitable -- though hackers can be stopped. I keep hoping that everyone will decide to come together in a "We Are the World"-type project to make it more difficult for malicious hackers to flourish on the Internet, but it doesn't seem likely anytime soon.
Get the most out of the storage you already own. Download this whitepaper today and examine 7 key technologies behind maximizing your storage efficiency.
Download now »Stop unscrupulous insiders. A clever criminal can lull the boss into believing nothing is amiss. Systems designed to monitor the network for patterns of criminal or destructive behavior are much harder to fool. Learn how to put the right countermeasures in place and vastly reduce the threat posed by insiders.
Download now »Examine the 5 unique requirements that virtualization imposes on hardware, and discover how the next generation of HP's ProLiant server line can deliver virtualized, efficient data centers, rapid ROI and lower operational expenses.
Download now »Address the backup and restore challenges created by virtualized server environments by following these technical recommendations. Learn how VMware Consolidated Backup in conjunction with HP Data Protector can realize a VMware ESX backup that surpasses the 1 TB/h performance threshold, while minimizing storage resources overhead.
Download now »Roger,
You are right that there is really no advantage in using one low assurance OS over another. However, with distributed computing came distributed risk, and the average computer user is not equipped to deal with the ever increasing number and severity of threats.


This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
Security researchers have unearthed a massive botnet affecting at least 75,000 computers at 2,500 companies and government agencies worldwide.