Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

What is Grinch.exe and What Should Organizations Do about It?


November 26, 2007 By

It's Black Monday, the busiest online shopping day of the year. Chances are, if you work in an office, you're using your company-issued PC or laptop to do a little online shopping in advance of the holidays. You're not alone. Of the $116 billion expected to be spent on online retail purchases this year, $39 billion of that will be spent during the holiday season, an increase of 20 percent over last year, according to Jupiter Research. Nearly half of that shopping will be done during work hours; in fact, a recent Bill Me/Ipsos Insight survey revealed that 12 million Americans admitted to shopping online during work-related conference calls!

If you are surfing the web, such shopping might inadvertently take you to web sites loaded with spyware, key loggers, and other malicious software, making your credit or identity information vulnerable to theft and / or creating havoc on your operating system. But by the time your PC is infected with malware or unknown files such as Grinch.exe, it's too late. In fact, every time an employee shops online, they increase their risk, says Brian Gladstein, director of product marketing for Bit9, a leading application control and device control solution provider.

"As we launch into the holiday shopping season, employees will inadvertently expose their company PCs and laptops to potential security threats," Gladstein noted. "It's critical that IT professionals proactively protect their endpoints by stopping unknown software from ever executing."

For example, Gladstein observed that employees are very likely to have vulnerable applications running on their systems, which are easily exploited by the latest attacks. He recently authored a research brief on the top popular vulnerable applications for 2007.

Fortunately there are easy and efficient methods that will help IT professionals guard against these online threats. Gladstein advises a simple five-step approach, including:

1) Define an appropriate application control policy

This policy should answer questions such as: What applications will we authorize users to install and/or run on their own? What software will not be authorized? Are unknown files that could potentially be malware, such as Grinch.exe, authorized to run in our environment?

2) Monitor your PCs

Not sure what's being copied onto the computers you manage? Use a software identification service to understand the true nature of that software. Free services such as FileAdvisor (http://fileadvisor.bit9.com) let you look up and identify unknown files like Grinch.exe.

3) Understand where the vulnerable applications are in your network.

A complete picture of where the vulnerabilities are on your network is required to ensure you are addressing them. After all, if you do not know a user is running a vulnerable application and they connect their laptop to a public wi-fi spot, you risk a possible intrusion and / or loss of data on that computer.

4) Be aware of new vulnerabilities

Stay on top of new vulnerabilities by visiting resources such as the National Vulnerability Database (http://nvd.nist.gov), the SANS Institute (http://www.sans.org), and the U.S. Computer Emergency Readiness Team (http://www.us-cert.gov).

5) Stop unwanted software before it executes

Consider using application control and device control products such as Bit9 Parity to help you control what applications and devices can and can not operate. Stopping unwanted software before it can execute will always be your best defense in protecting desktops, laptops, and servers from malware, spyware, zero-day attacks, and any unknown, unwanted, or unauthorized software.

"The bottom line is that you can't be careful enough," Gladstein summarized. "We recommend everyone implement application controls to ensure that unknown, unauthorized, or unwanted software that is downloaded, either on purpose or inadvertently, never gets a chance to run."

-------
Bit9, Inc. is the leading provider of application control and device control solutions. The company's award-winning, patent-pending whitelisting technology prevents malicious software and data leakage by centrally controlling which applications and devices can and cannot operate.



| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All