security is our bidness

And bidness is good!

I've mentioned in the past I think, that I spend my working hours in a cubicle at a major Canadian bank. I'll leave it at; if you've ever watched Canadian TV you've heard of us. Banks (and finance in general) have been flogged a lot in public recently for stupid security screw ups and it shows no signs of slowing down. So when some nasties tried to mess about with me at work today and our guys jumped all over it I thought I'd mention it as a stroke in the Win column.

I received a message in my work email claiming to be from a facebook friend, pretty unusual right there as my facebook emails go to my personal email account and not to work. I clicked through though figuring our various firewalls and proxies would protect my dumb ass from anything too nasty, but instead I was presented with a sketchy site at some IP with no domain name and a flash video window informing me that my Adobe Flash plugin was out of date and I needed to upgrade it. I saved the unsigned 'setup.exe' that came along and figured if it was all that horrible even though it had got through the proxy my desktop antivirus would pipe up and warn me.

Nope.

So I uploaded it to virustotal and discovered that the particular antivirus software we're using doesn't detect this virus yet. So like a good little cube monkey I emailed our infosec response team to let them know we weren't protected from this particular bit of nastiness. Here's the timeline of events ...

11:39 am - I send an email to security describing what happened.
11:39 am - I receive a read receipt indicating some human is reading my email.
11:40 am - I receive a phone call from security to discuss the event.
11:45 am - The offending domain is blackholed by our firewall.

Six minutes from start to finish, not too bad if I say so myself. Canada, I can't speak for the guys in ties who've got your money, but the geeks in sneaks have got your back!