Do Not Ship, or Receive, Trojan Horses
Academic journals and trade press have explored several likely routes of malware contagion against which information security practitioners need to defend. These include traditional ‘tunnels and bridges’ that bypass the firewalled corporate perimeter, such as visitor’s laptops, VPN tunnels, encrypted & zipped email attachments, unencrypted wireless, and weak authentication. A potential threat that has not been widely documented is embedded Windows ™ based systems and appliances. Corporate networks that are otherwise highly secure often have some tens of nodes that are not generally recognized as ‘computers’, however run networkable Windows ™ operating systems (OS). These devices range from smart phones to engineering microscopes, from oscilloscopes to print stations, and many others. They may have no single owner, and frequently generic or group user accounts are established on them. They have not been purchased by the IT department and may not appear on IT’s lists of machines to patch and monitor. Vendor’s practices vary widely, with results for their customers ranging from ‘no issue’ to ‘serious risk’. This paper narrates the embedded appliance infosecurity lifecycle, to provide vendors of such systems with best-in-class precautionary measures they should take on behalf of their customers’ security, and to provide purchasers of such appliances with a checklist to enable them to select secure products. LeCroy, a leader in safe and secure Windows ™ appliance engineering, provides the reference case for best-in-class practice. Research in this field is being conducted at LeCroy and elsewhere, in August 2005, by Dr. Julia Kotlarsky of Warwick Business School, and Dr. Ilan Oshri of Erasmus.