■Considerable progress in the past year limiting the spread of malware .
The remaining significant risks of the spread of malware are through users clicking on virus
infected email attachments, or clicking on URL's with harmful content that exploit
vulnerabilities in web browsers.
■Saw first widespread destrutiv worm
this year: Witty
■AOL announced this year, general
availability of AOL PassCode, a two-factorauthentication
■Keystroke logging (viruses/worms
that capture user keystrokes likepasswords, credit card numbers or other sensitive data) are becoming more
common.These worms store keystrokes on
local HD or send to IRC.
■Keystroke logging worms and
backdoors are beginning to appear more frequently : -9/03 Fizzer worm,
Bugbear (seen at Penn) 4/04 SDBot (seen at Penn
■Wide distribution of a keystroke
logging worm could seriously undermine the security of PennKey passwords.
■Additional emphasis on email
attachments, web surfing and firewalls in end user awareness campaign.
■Critical Host Policy to require all
critical University data on managed servers w/ backups, and to mandate virus filtering on mail
■Computer Security Policy to require
activation of desktop operating system firewalls.
■PennKey was designed to include the
flexibility to expand PennKey authentication from simple password-based authentication to also support
stronger form of authentication such as hardware authentication tokens. Begin R&D work and develop a
contingency plan for supplementing PennKey password authentication with stronger forms ofauthentication.Among other options, explore possible
integration of hardware authentication tokens with next-generation PennCard.