Gibe-F Worm is Wake Up Call for Companies

Sophos, a world leader in anti-virus protection for businesses, is advising that the new Windows worm, Gibe-F (W32/Gibe-F, also known as Swen), which arrives as an email attachment masquerading as a security patch, is a wake up call for businesses to take proactive measures in order to prevent virus infection.

Sophos is urging companies to block executable code at the email gateway and educate users that they should not automatically trust anything they receive via email. Sophos advises that companies should put in place a system whereby any executable code sent into the company from the outside world is quarantined, rather than left for a user to make a decision on whether or not to run it.

“Recent virus outbreaks such as Blaster, Nachi and Sobig-F have raised many users’ awareness of computer security,” said Graham Cluley, senior technology consultant for Sophos Anti-Virus. “Users may think it is a good idea to install any security patch which is sent to them. Unfortunately, they may be falling straight into the virus writer’s hands. Businesses need to take the responsibility for security out of the hands of users while educating staff that they mustn’t blindly follow web links which arrive by email.”

Sophos advises that several steps can be taken to avoid security breaches:

* Never accept security updates which arrive as email attachments – companies such as Microsoft never send out security patches by email, which makes the Gibe-F worm a dead giveaway.

* If you have a mail server which can block attachments, do not allow attachments which contain programs to be received from the outside world.

* Consider removing peer-to-peer file sharing programs from business networks – there are few cases where unregulated file sharing can be justified in a business environment.

* Exercise caution when dealing with emails – those which sound too good to be true probably are.

More information about the Gibe-F worm can be found here: