20 February 2007

Malware infection

On a recent visit to China the PC laptop of a member of the Division’s staff became infected with a virulent form of malware, believed to be a trojan called FUJACKS.W32.

In an effort to repair the staff member’s PC, TSU staff attached an external hard drive to the infected computer. The hard drive became infected with the trojan, which was then unknowingly transmitted to the computer controlling the GlobeCaster vision switcher in the Television Control Room during an upgrade process. An external contractor’s PC may then have been infected with the trojan when it was connected to the GlobeCaster as a part of the upgrade process. The GlobeCaster is not connected to the University network, particularly because the nature of the computer is such that the normal security patches shouldn’t be applied and therefore the computer is vulnerable to malware attack if it is connected to the Internet.

The staff member’s portable computer is now unusable and has had to be replaced. The GlobeCaster is currently not working, but a replacement for the controlling computer had been ordered anyway and will be installed, hopefully malware-free. We are awaiting confirmation that the trojan has not spread to other computers on the University network.

Staff should be reminded of the dangers of exposing their computers to malware attack. While measures are in place on the University network to reduce the risk (but not eliminate it entirely), attaching University computers to networks (wired or wireless) outside the campus, whether at home, during conferences or at other institutions, can greatly increase the danger of the machine being compromised in some way. This incident is not unique: within the last month ICT Services has contacted the Division to report that a staff member’s computer that was attempting to connect securely (via VPN) to the University network from home was infected with malware. Access was denied until the computer concerned was cleaned up.

One suggestion is that people needing computers off-campus should use a Macintosh. While the Macintosh operating system is not immune to malware attack, it is more secure than Windows and there are no known malware exploits currently in circulation that would compromise a computer running Mac OS X. The Division should consider increasing the number of Macintosh portable computers available for short-term loan to accommodate this requirement.

Calendar

A new campus-wide Calendar, too.

Currently ICT Services support the campus-wide scheduling application Oracle Calendar. The Exchange environment includes its own scheduling environment integrated with the system. Staff will interact with the Calendar using the same clients they use for email: Outlook on the PC and Entourage on the Macintosh. It is unclear at the moment if the Oracle Calendar will be moved over to Exchange when the ICT Services Exchange 2003 Server comes into production in March this year, or whether the changeover will happen with the move to Exchange 2007 next year.

Email migration

Now that Divisional Home Directories and Shares have been migrated to ICT Services, the next project is to migrate email from the cemail server (also known as isaac) to ICT Services. While the Division should be aware of this project, it is unlikely to have any impact on staff use of email until, at the earliest, late this year.

In March 2007 ICT Services will pilot Exchange 2003 with Development and International, to iron out any problems. It will then roll Exchange 2003 out across the other areas of the University not currently on Exchange (HDS and the other non-Academic Divisions). COMEDU and BLIS are already using Exchange 2003 so there will be no noticeable impact on either Division during this stage (COMEDU and BLIS will continue to host their staff email on their existing servers: the rest of the University will be hosted on an ICT Services Exchange 2003 Server).

After Semester 2, 2007, ICT Services will implement Exchange 2007 on a new server. Over the summer break 2007-2008, all users (including BLIS and COMEDU users) will be migrated to the new Exchange 2007 Server. After the migration to the ICT Services’ Exchange 2007 Server, BLIS and COMEDU will be able to decommission their Divisional servers.

Sometime this year ICT Services’ disk images for staff will contain Outlook 2003 (PC) or Entourage 2004 (Macintosh) as a part of a rollout of Office 2003 (PC) and Office 2004 (Macintosh). While most of the Division’s staff computers will support Office 2003/2004, it is too early to say whether the Division will get the new images this year or deploy them widely. We will probably wait until 2008 before updating across the board, when there will be a move to use Office 2007 (PC) or 2008 (Macintosh) to support Exchange 2007.

The move to Office 2007 (PC) and Office 2008 (Macintosh) in 2008 will be a major change since the new Office suites are radically different to previous versions. Significant staff training will be required to ensure the transition is smooth. There may also be some problems with older hardware that doesn't run these new Office suites satisfactorily: more research is required before the impact of the changeover can be determined with any accuracy.

Once the new Office suites are in place, support will only be provided for Outlook (PC) and Entourage (Macintosh) as email (and Calendar: see following item on Calendar migration) clients. While Divisional staff will not be required to use these clients, the then current versions of Outlook and Entourage will be the only ones supported. Nothing will be done specifically to prevent staff using whatever email client they can get to work to access their email, but they won't be supported if they need assistance.

Off-campus access to email will also change. Staff will need to use a Virtual Private Network, or VPN, connection to the campus network to be allowed access to their email and calendar from anywhere outside the campus. There will be some difficulties with this approach (user training, infrastructure and capacity within the University to support VPN connections, VPN clients on computers used by staff outside the University to access the services here, configuration help and support, and so on) that will need to be monitored and addressed as the system is implemented.