Tuesday, September 11, 2012

Ongoing network wide hacker attacks related to Java software

Hi Everyone,

Since Monday 09/03 Union Tech Coop technicians have been monitoring breaking security news that hackers are actively attacking computers that are running out of date versions of Java software.

Java is a prerequisite software that some applications and some websites require to work. Computers that Union Tech Coop has deployed in the past include Java software for several reasons:
1. The OpenOffice/LibreOffice software suite uses Java for the Database application in the suite.
2. So clients that use websites that require Java do not receive error messages.
3. So clients that run applications that require Java do not receive error messages.

The difference between previous hacker attacks and the current ongoing attacks is that previously only a single computer would be compromised. In the recent series of attacks a single computer is compromised, then the compromised computer is used as a platform to attack all other network computers that are missing security updates. In a typical network environment this means that nearly every computer on the network will be compromised as well - a disasterous situation for an organization that relies on those computers for day to day operations.

Here is a description of a real world infection scenario, including the amount of work required to recover a single infected computer:
http://www.theregister.co.uk/2012/09/03/java_cleanup

Emergency security updates have been released, but hackers are continuing to attempt to exploit the most recent versions of Java as they are released. Until the current versions of Java have been confirmed to be secure, the best practice is to remove Java software entirely:
http://www.informationweek.com/security/attacks/java-still-not-safe-security-experts-say/240006876

Union Tech Coop technicians have identified several ways to allow an organization that requires Java to continue to use Java software only for trusted applications and websites - while disabling Java for all other untrusted uses.

If your organization requires Java, Union Tech Coop technicians recommend implementing proactive security measures as soon as possible to avoid a network wide malicious software infection. Union Tech Coop technicians are standing by to provide assistance. Please call (608) 616-9925 if you would like to schedule a security assessment.