A holiday season for hackers?

Will there be another Xmas attacks on Microsoft's Security Response Center this year?

There wasn't a lot of holiday cheer for Microsoft's Security Response Center late last year.

Just a few days after Christmas, criminals had found a new way to attack. By taking advantage of an unpatched bug in the way Internet Explorer processed an obscure graphics format, called WMF (Windows Metafile), they were able to install unauthorized software on PCs.

Soon reports started coming into Microsoft of malicious Web sites that were taking advantage of this bug to spread adware and spyware.

"Within 15 minutes, we were all on the phone and people were coming in and discussing it through the holidays," said Mark Griesi, senior program manager with Microsoft.

"People were literally here 24 hours a day," he said. "I really hand it to those guys. They came in and worked through the holidays ... It's a side of Microsoft that folks don't see."

A week later, Microsoft took the unusual step of issuing an emergency patch for the WMF problem. Still, critics said that the software giant had waited too long, given the scope of the attack.

So will there be another WMF-style outbreak next week?

Nobody really knows the answer to that question, of course, but recent patterns of attacks seem to suggest it may be likely. The Sobig, Blaster and Zotob worms were all released in August, for example, the end of summer holidays in Europe and the U.S., and attackers seem to be getting better lately at timing the release of their malicious software in order to have maximum effect.

IT administrators are harder to reach, and less likely to patch software or issue work-arounds during the holidays. And college-age hackers have more time on their hands to work out new attacks, or so the thinking goes.

Security experts generally agree that another WMF-style attack is no more likely to occur next week than any other, however.

The idea that attacks somehow spike during the holidays is "more of a fallacy than anything else, said David Marcus, security research and communications manager with McAfee's Avert Labs. "Most enterprises I've dealt with have just as much coverage during the holidays as any time of year."

Microsoft's Griesi agreed that the traditional holiday business slowdown in the U.S. does not apply to security professionals. "The holiday season doesn't affect our ability to respond," he said.

Though enterprises may be prepared for cyberattacks, the December rush of online shopping does spur certain types of online scams, Marcus said. "You'll see certain techniques become prevalent at certain times of the year," Marcus said. "You'll see some holiday spam or some charity spam."

Nevertheless, Susan Bradley plans to be a little extra-cautious over the next week, monitoring a well-known computer security discussion list for any signs of trouble. "I will be looking at the Full Disclosure list like crazy" said Bradley, chief technology officer with Tamiyasu, Smith, Horn and Braun, Accountancy.

And like Microsoft, many businesses are prepared to quickly mobilize their IT teams, in the event of an attack.

At the Port of Seattle, for example, security monitoring will continue as normal over the holidays, according to Ernie Hayden, chief information security manager with the port.

He isn't sure whether next week will bring another WMF-style outbreak, but he said he was holding to a simple mantra over the holiday season. "Be prepared. Just be a good old-fashioned Boy Scout," he said. "Don't expect that everything you're doing is going to be perfect."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments


James Cook University - Master of Data Science Online Course

Learn more >


Victorinox Werks Professional Executive 17 Laptop Case

Learn more >



Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?