I was reading a technical bulletin recently by Kaspersky Lab Expert, Marta Janus. The topic was a particular type of computer virus and how it operates. In the first paragraph of the lengthy article, Janus makes this observation:
“The malicious code can be triggered by a specially crafted DOC or RTF file for MS Office versions 2003, 2007 and 2010. Although this vulnerability was patched by Microsoft more than a year ago, it seems that not everyone cared to install the updates. And those who didn’t may be at risk of getting all their documents, pictures and databases encrypted by a new version of the Gimemo ransomware.”
Janus’ article underscores a point I have seen repeatedly. Virus makers do not always have to invent clever new viruses to break into our IT systems, although they certainly spend the lion’s share of their time doing so. Sometimes, all they have to do is resurrect some old viruses and shotgun them out to cyberspace. Every time they do that, they know they will always find some IT systems that simply are not up to date—in other words, red meat.
Ignorance is bliss does not work with cybersecurity. Ignorance quickly turns into an IT disaster. Cybersecurity is the war that never ends.