Archive - Year 2003

Office of the Government Chief Information Officer, The Government of the Hong Kong Special Administrative Region

	Archive > Year 2003 > ITSD > Press Releases in Year 2003

Public reminded to stay alert of computer virus
27 - 01 - 2003

The Information Technology Services Department (ITSD) today (January 27) reminded the public to stay alert of a computer worm called "SQL Slammer Worm" which has spread rapidly in the past few days.

The worm exploits a known security vulnerability in the Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 software. It slows down or shuts down infected servers and causes degradation or denial of service in network connectivity.

Members of the public are urged to update their software with the latest security patches issued by the corresponding software vendor to protect their computers from being infected.

An ITSD spokesman said that more details of the worm as well as the related security patches could be found on both the web sites of the ITSD ( http://www.infosec.gov.hk/english/virus/alerts_va_2003.html#SQLSlammer ) and the Hong Kong Computer Emergency Response Team Coordination Centre ( http://www.hkcert.org/valert/vinfo/sql.slammer.worm.html ).

He added that security alert of the vulnerability and the related security patches had already been distributed to all government departments as soon as the ITSD received the information in July last year. A reminder had also been issued to all computer users in the Government to draw their attention to the worm.

So far, no reports have been received from government departments on the infection of the worm.

The spokesman said, "Information security has always been of paramount importance to the Government as it is an important pillar to support the fast pace with which the e-business environment in Hong Kong needs to develop."

He reminded the public that they could effectively protect their computers from a lot of common cyber attacks by adopting some basic principles and measures. He cited some "DOs" and "DON'Ts" of good computing practices including -

DOs

Do install anti-virus software and scan personal computers (PCs) and servers regularly using the latest virus signatures;
Do scan all e-mail attachments, downloaded files, floppy disks and compact disks before use;
Do keep software up-to-date with the latest security updates and patches;
Do perform on-line transactions only at reliable web sites that offer security protection, such as use of encryption, security socket layer (SSL) or security electronic transaction (SET) techniques;
Do choose passwords that are difficult to be guessed by others and change them regularly;
Do enable the password function for screen savers and power-on sequences; and
Do disconnect your computer from the Internet when it is not in use.

DON'Ts

Don't visit suspicious web sites;
Don't download files from doubtful sources;
Don't open or forward e-mails and e-mail attachments from unknown sources;
Don't enable automatic processing of e-mail attachments;
Don't disclose or submit personal information unnecessarily;
Don't use system default passwords;
Don't save login passwords into PCs or servers without adequate protection; and
Don't disclose Internet accounts and passwords to others or share with them.

To raise public awareness and promote ethics on information security, the Government set up the INFOSEC web site ( www.infosec.gov.hk ) last year which serves as a one-stop portal to facilitate the public's access to various information security and computer virus related resources and updates.

Members of the public are welcome to visit the INFOSEC web site to obtain more information and to keep pace with the development and updates on information security.

- END -

Top

2003

| Important notices | Privacy Policy

Last review date : 31 August 2008