Government Technology

What is Grinch.exe and What Should Organizations Do about It?


November 26, 2007 By

It's Black Monday, the busiest online shopping day of the year. Chances are, if you work in an office, you're using your company-issued PC or laptop to do a little online shopping in advance of the holidays. You're not alone. Of the $116 billion expected to be spent on online retail purchases this year, $39 billion of that will be spent during the holiday season, an increase of 20 percent over last year, according to Jupiter Research. Nearly half of that shopping will be done during work hours; in fact, a recent Bill Me/Ipsos Insight survey revealed that 12 million Americans admitted to shopping online during work-related conference calls!

If you are surfing the web, such shopping might inadvertently take you to web sites loaded with spyware, key loggers, and other malicious software, making your credit or identity information vulnerable to theft and / or creating havoc on your operating system. But by the time your PC is infected with malware or unknown files such as Grinch.exe, it's too late. In fact, every time an employee shops online, they increase their risk, says Brian Gladstein, director of product marketing for Bit9, a leading application control and device control solution provider.

"As we launch into the holiday shopping season, employees will inadvertently expose their company PCs and laptops to potential security threats," Gladstein noted. "It's critical that IT professionals proactively protect their endpoints by stopping unknown software from ever executing."

For example, Gladstein observed that employees are very likely to have vulnerable applications running on their systems, which are easily exploited by the latest attacks. He recently authored a research brief on the top popular vulnerable applications for 2007.

Fortunately there are easy and efficient methods that will help IT professionals guard against these online threats. Gladstein advises a simple five-step approach, including:

1) Define an appropriate application control policy

This policy should answer questions such as: What applications will we authorize users to install and/or run on their own? What software will not be authorized? Are unknown files that could potentially be malware, such as Grinch.exe, authorized to run in our environment?

2) Monitor your PCs

Not sure what's being copied onto the computers you manage? Use a software identification service to understand the true nature of that software. Free services such as FileAdvisor (http://fileadvisor.bit9.com) let you look up and identify unknown files like Grinch.exe.

3) Understand where the vulnerable applications are in your network.

A complete picture of where the vulnerabilities are on your network is required to ensure you are addressing them. After all, if you do not know a user is running a vulnerable application and they connect their laptop to a public wi-fi spot, you risk a possible intrusion and / or loss of data on that computer.

4) Be aware of new vulnerabilities

Stay on top of new vulnerabilities by visiting resources such as the National Vulnerability Database (http://nvd.nist.gov), the SANS Institute (http://www.sans.org), and the U.S. Computer Emergency Readiness Team (http://www.us-cert.gov).

5) Stop unwanted software before it executes

Consider using application control and device control products such as Bit9 Parity to help you control what applications and devices can and can not operate. Stopping unwanted software before it can execute will always be your best defense in protecting desktops, laptops, and servers from malware, spyware, zero-day attacks, and any unknown, unwanted, or unauthorized software.

"The bottom line is that you can't be careful enough," Gladstein summarized. "We recommend everyone implement application controls to ensure that unknown, unauthorized, or unwanted software that is downloaded, either on purpose or inadvertently, never gets a chance to run."

-------
Bit9, Inc. is the leading provider of application control and device control solutions. The company's award-winning, patent-pending whitelisting technology prevents malicious software and data leakage by centrally controlling which applications and devices can and cannot operate.



| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
Meeting Constituents Where They Are With Dynamic, Real-Time Mobile Engagement
Leveraging the proven and open Kofax Mobile Capture Platform, organizations can rapidly integrate powerful mobile engagement solutions across the spectrum of mobile image capture, mobile data capture and complete mobile process integration. Kofax differentiates itself by extending capture to mobility, supporting multiple points of constituent engagement. Kofax solutions dynamically orchestrate the user’s mobile experience from a single platform—reducing time to market, improving process perf
Public Safety 2019
Motorola conducted an industry survey on the latest trends in public safety communications. The results provide an outlook of what technology is in store for your agency in the next five years. Download the results to gain this valuable insight.
View All

Featured Papers