From Russia With Love
Even 007 can't save your PC from devastating viruses
by Steven Vicinanza
February 25, 2009
In a small and darkened room overlooking Moscow’s Lubyanka Square, an ex-KGB computer specialist
puts the finishing touch on a brilliantly crafted computer worm which will cause millions, perhaps
billions of dollars in financial damage. His worm will spread silently and without human
intervention by seeking out each computer on a network and digging in through a newly discovered
Windows flaw. It will cross firewalls into seemingly protected networks by hiding in email
attachments or innocent USB drives. If it finds a system that is fully updated and otherwise
invulnerable it will attack it by guessing at administrator passwords and using the network file
share to infect their system files. It will become the fastest spreading computer virus in history.
With the click of a mouse and a gleam in his eyes, he unleashes his brainchild. Tracking the
virus’s spread on his monitor reminds him of his last exploit and the quarter million dollar bounty
Microsoft put on his head. Confident in his anonymity, he chuckles to himself and smiles as, each
minute, hundreds of credit card, social security, and bank account numbers are copied off infected
machines and delivered to zombie computers he had previously hacked.
Throw in an underwater car chase and you have a great opening scene for a James Bond film.
But this is no fiction. Based on the true story of the current Conficker epidemic, our tale is a
grave reminder that each day hackers breach the most secure networks of business, government and
military organizations. No longer the stereotypical teenage rebel with bad skin, today’s hackers
are in business for cold, hard cash. Their objective: to steal, then sell personal and corporate
information that can be used to forge identities, obtain and access lines of credit, hack into bank
accounts and more. The viruses they write are innovative, constantly evolving, highly sophisticated
and one step ahead of the anti-virus products used to keep them at bay.
Written in Russia – or perhaps China – the Conficker worm’s primary means of reproduction
exploits a bug found in all versions of Microsoft Windows – both desktops and servers. The worm was
first discovered in October 2008 and within weeks Microsoft released a fix – yet one in three PCs
remains unpatched. The epidemic continues to grow at an astonishing rate that at one point exceeded
a million computers a day. Fifteen million computers have already been infected worldwide and
security experts worry the number could reach 300 million. In the vain hope of discouraging others,
Microsoft has offered a $250,000 reward for the hacker’s identity.
Conficker may be the worst we’ve seen since Nimda in 2001, but everyday viruses impact
thousands of businesses. Sadly, human nature is to wait for the burglary before buying the new
locks. Small businesses are especially vulnerable. Lacking the in-house computer expertise of
larger firms, many are barely aware that the risks exist – much less their seriousness or how to
control them.
Nonetheless, a serious virus outbreak can be especially devastating to a smaller business
where an infection can quickly take down every system they own. Incidents like that often result in
extended downtime, lost productivity, and huge system recovery costs. The most serious security breach
results in disclosure of confidential data such as employee or client records, customer credit
cards, medical or legal documents and much more. Business managers in today’s world would be wise to
treat IT security risks with the utmost concern. So what steps can be taken to control these risks?
First, keep viruses from getting into your network in the first place. The biggest threats
are email, web sites, and removable drives. Here are some important ways you can reduce the risk:
• Use email scanning tools to block emails with attachments that contain harmful content
• Disable auto-play for removable disks and memory cards to prevent viruses from running
automatically when a USB memory stick or drive is inserted
• Control or monitor web site usage and restrict access to unnecessary or non-business
related sites
• Ensure your network perimeter is secure by using a business-grade firewall and double
checking its configuration at least once a quarter
• Develop policies for your staff to follow – such as not opening emails from unknown sources
or connecting unprotected home laptops to your corporate networks
Next, control the vulnerabilities of the computers on your network:
• Turn on Windows Update Service on all PCs and make sure the updates are being applied to
all servers and desktops
• Ensure any third party software products with known vulnerabilities such as Adobe PDF
Reader and Firefox are up to date if you use them
• Review browser add-ons such as toolbars and create a corporate standard as to what you will
allow
• Make sure Windows Firewall is active on all computers
• If you have a server, you can set up policies that apply to all computers on the network to
enforce some of these rules
• Use a corporate-wide, centrally managed anti-virus (such as Symantec Endpoint Protection)
to ensure all desktops, laptops and servers are adequately protected and kept up to date
• Ensure you have a solid backup and recovery plan so that critical data is not lost and can
be quickly restored in the event of a virus attack
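The script below is an added example, not part of the original article: a read-only PowerShell audit of the machine-checkable items from the two lists above (auto-play policy, Windows Firewall, the Windows Update service, and how recently an update was installed). It assumes PowerShell 5 or later on Windows 8 / Server 2012 or newer; the function name `Get-BaselineAudit` and the 45-day patch-age threshold are illustrative assumptions.

```powershell
# Added example: read-only audit of controls named in the article's checklists.
# Get-BaselineAudit and the 45-day default are illustrative, not a standard.
function Get-BaselineAudit {
    param([int]$MaxPatchAgeDays = 45)
    $results = @()

    # Auto-play: NoDriveTypeAutoRun = 0xFF turns AutoRun off for every drive type.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $val = (Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun `
            -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    $results += [pscustomobject]@{
        Check  = 'AutoRun disabled on all drive types'
        Pass   = ($val -eq 0xFF)
        Detail = if ($null -eq $val) { 'policy value not set' } else { '0x{0:X}' -f $val }
    }

    # Windows Firewall: every profile (Domain, Private, Public) should be on.
    foreach ($p in Get-NetFirewallProfile) {
        $results += [pscustomobject]@{
            Check  = "Windows Firewall enabled ($($p.Name) profile)"
            Pass   = ($p.Enabled -eq 'True')
            Detail = "Enabled=$($p.Enabled)"
        }
    }

    # Windows Update: the service may be stopped between runs, but never Disabled.
    $wu = Get-Service -Name wuauserv
    $results += [pscustomobject]@{
        Check  = 'Windows Update service not disabled'
        Pass   = ($wu.StartType -ne 'Disabled')
        Detail = "StartType=$($wu.StartType), Status=$($wu.Status)"
    }

    # Updates actually applied: age of the most recent hotfix with a known date.
    $latest = Get-HotFix | Where-Object InstalledOn |
              Sort-Object InstalledOn -Descending | Select-Object -First 1
    $age = if ($latest) { ((Get-Date) - $latest.InstalledOn).Days } else { $null }
    $results += [pscustomobject]@{
        Check  = "Update installed within $MaxPatchAgeDays days"
        Pass   = ($null -ne $age -and $age -le $MaxPatchAgeDays)
        Detail = if ($latest) { "$($latest.HotFixID), $age days ago" } else { 'no dated hotfix found' }
    }

    $results
}

Get-BaselineAudit | Format-Table -AutoSize
```

Any row with `Pass` set to `False` points at a control from the lists that is not in force on that machine.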
Finally, if in spite of all your efforts you do get hit with a virus, immediate action is
essential:
• At the first sign of an infection – such as unusual computer behavior or random pop-up
windows – shut down the PC and unplug it from the network
• Scan all PCs on the network with the latest version of a reputable anti-virus product
such as Symantec
• Try to identify the source of the problem: was the user doing something such as opening an
email, browsing a web site, or installing new software? This will help with the cleanup
• Get expert advice. Unless you know what you are doing, you are just as likely to make
matters worse as to improve your situation if you try to clean the PC yourself
• If the virus has spread to multiple PCs, shut all the systems down and disinfect each one
individually. Do not reconnect an infected PC to your network until you are 100 percent convinced it
is clean.
With the proper precautions, your computers will be virus free and you can feel somewhat
secure that, even without James Bond on staff, your business is protected against the exploits of
modern day Blofelds and your sensitive data will be … For Your Eyes Only.
Steve is the CEO of BlueWave Computing, one of Atlanta's fastest-growing IT services and
consulting firms. He is a noted IT expert with over 30 years of IT experience, is frequently quoted
by trade and business publications, and is a published author of academic articles as well as a
book on computer programming. He has also served as an adjunct professor at Georgia Tech's School
of Computer Science.



