Read up on the latest ideas and technologies from companies that sell hardware, software and services. Cutting printer costs
Solve Exchange Mailbox Storage Issues Once and for All
Email Archiving Technical Overview
Vendor Influence Curves And How You Can Get The Best Value Out Of Your Network
Strategies for Eliminating .PST Files
How to Beef Up Your Sales Pipeline
Delivering the Power of Choice with Microsoft Dynamics CRM
Enterprise Wireless WLAN Security
Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Hewlett-Packard has been selling USB-based hybrid flash-floppy drives that were pre-infected with malware, the company said last week in a security bulletin.
Dubbed "HP USB Floppy Drive Key," the device is a combination flash drive and compact floppy drive, and is designed to work with various models of HP's ProLiant Server line. HP sells two versions of the drive, one with 256MB of flash capacity, the other with 1GB of storage space.
A security analyst with the SANS Institute's Internet Storm Center (ISC) suspects that the infection originated at the factory, and was meant to target ProLiant servers. "I think it's naive to assume that these are not targeted attacks," said John Bambenek, who is also a researcher at the University of Illinois.
Both versions of the flash-floppy drive, confirmed HP in an April 3 advisory, may come with a pair of worms, although the company offered few details. It did not, for instance, say how many of the drives were infected, where in the supply chain the infections occurred or even when they were discovered.
If a compromised drive is plugged into a USB port on any machine on the network, the worms may spread "to any mapped drives on the server," HP's alert said.
Up-to-date anti-virus software should detect the malware, but HP didn't specify which of the many available programs would find and then delete the worms. Symantec, for example, has signature definitions in its collection for both pieces of malicious code, which it identifies as "Fakerecy" and "SillyFDC."
HP's recommendations included scanning the devices for infection, but the company did not answer questions about the pre-infected drives.
The problem isn't limited to HP and the flash-floppy drives it sells for its servers. In January, big-box retailer Best Buy Co. admitted it sold digital photo frames during the 2007 holidays that contained malware. Best Buy did not recall the frames.
The ISC's Bambenek put the HP gaffe in context. "We've seen some miscellaneous devices [infected] here and there, but in the last four months, first we saw it with a USB key for Check Point's firewall, and now with servers today," he said. The Check Point Software Technologies USB infection was reported a couple of weeks ago to ISC by an end user, said Bambenek, and quietly and quickly fixed by the security vendor.
Bambenek also outlined several steps people can take to ensure that hardware isn't factory-infected, including scanning it for malware, searching the Internet for news or security advisory reports and returning any device that shows signs of infection.
"To be safe, yes, you should scan every piece of hardware," he said. "Certainly with devices distributed by corporations."
Computerworld Member Login
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Fujitsu PC targets Today's Young Adults with the release of the L series 2008-10-14 12:40:00+10
RSA survey shows employees’ everyday behaviours puts sensitive business information at risk 2008-10-14 11:29:00+10
Sound Alliance Group expands with acquisition of Mess+Noise 2008-10-14 08:48:00+10
Sterling Commerce Introduces New Managed File Transfer Capabilities That Cuts Server Change Management Time in Half 2008-10-14 08:41:00+10
Simms Exclusive Distributor of Cygnett MP3 Accessories 2008-10-14 08:10:00+10
Revolutionising Back-up and Recovery
Rapid adoption of virtual server technology, and the challenges associated with the backup and recovery of ever-growing stores of information is causing a number of IT managers to reevaluate their data protection strategies. New backup and recovery methods which use data de-duplication technology to reduce capacity and network bandwidth requirements are being deployed to keep up with explosive data growth, shrinking backup windows, compliance initiatives and security concerns. Read on to find out more.
