IT at USC - Message from the CIO

Recent media coverage of the potential danger of the Conficker worm has highlighted the important role of IT security in all of our lives.

In the past few decades, malicious programs have evolved from simple, single-purpose code, designed to destroy files, to complex technology capable of connecting to the Internet, stealing passwords and credit card information, and sending spam and phishing messages, all without the user's awareness. As the lead story in this issue of IT at USC demonstrates, even a handful of stolen passwords can make it possible for cyber criminals to send out hundreds of thousands of spam and phishing messages.

Malicious programs, such as Conficker, are able to quietly infect millions of computers and lie dormant for indeterminate periods of time. Such programs are designed to escape notice, yet they possess the ability to wreak havoc on the lives of individuals and the operations of millions of organizations worldwide.

We all know the importance of installing a firewall and antivirus program on our computers. However, these measures are only effective if users regularly update security programs and install operating system patches.

In the case of the Conficker worm, Microsoft released a patch for the operating system vulnerability exploited by the worm in October 2008. Antivirus software vendors routinely released updated virus definitions to block the various strains of the worm. However, months later, millions of computers worldwide remained exposed.

Although the Conficker worm did not produce the disruption that was anticipated by some, we know that there are countless other malicious programs out there, capable of producing significant damage.

If you do not have firewall and antivirus programs installed on your computer, please install them as soon as possible. ITS provides all USC account holders with free firewall and antivirus programs at software.usc.edu. You will need to log in.

As always, we encourage you to send your feedback to it-news@usc.edu. If there is an area of information technology that you would like to learn more about, please let us know.

Ilee Rhimes
Chief Information Officer and
Vice Provost for Information Technology Services