■Include expanded information
about file sharing risks and how to disable file sharing in campus-wide
end-user awareness communications.
■Modify Computer Security
Policy to require activation of operating system firewalls for all
■Modify Critical Host Policy to
require that within 2-4 years all critical University data be stored on
centrally or locally managed file servers with abackup program in place.
Proposal Subject to Approval
■A “zero day worm” is one
that exploits a vulnerability which has not been publicly disclosed, and for
which no patches are
available.All machines running the
targeted service would be vulnerable, even if fully patched.
■Limiting factors are the
ability to acquire many zero day exploits and the ability to conduct extensive
testing on numerous
platforms.Nation-states are the only
groups likely to have sufficient resources.
■Windows SMB/CIFS file
sharing service (garden variety Windows Ffile Ssharing service enabled on
Windows machines) is the most likely target of a worst-case-worm.
■A blended attack would be most likely: Windows file sharing
attack would only be one attack vector, supplemented by email and spread to trusted, open file
■ A 60% rate of compromise
for the world’s business PCs is a reasonable estimate for an attack by a
■Machines not behind firewalls, but with direct Internet
connectivity would be compromised in minutes at most.
■ Most machines would be
compromised within several hours, whether on private intranets, or with direct
■Estimated cost per system
is $5-6K (data loss, productivity, hardware damage).