March Madness could lead to malware infection, experts warn

Share this article:

Assuming they have not called in "sick," employees at companies of all sizes could spend today and Friday bringing the network to a screeching halt or opening it up to malware infection, security experts warn.

Welcome to March Madness, when dozens of men’s college basketball games air Thursday and Friday as teams compete in the opening round of the 64-team tournament. For many workers, that means a serious drop in productivity as they neurotically watch the games, hoping to improve their standing in the company office pool.

But for IT administrators, this annual tradition means clogged network connections – as users stream video of the games at their desks – or the risk of malware infiltration, as those same users visit malicious websites to place bets, manage brackets or get scores.

"It’s the last major sporting event that occurs during the business day," Eric Lundbohm, vice president of marketing at 8e6 Technologies, a web filtering firm, told SCMagazine.com. "It’s not just interest; these games are actually happening."

Paul Henry, vice president of technology at Secure Computing, said cyberthieves are increasingly targeting popular websites with script malware, often undetectable by anti-virus signatures. He cited the example of Dolphin Stadium's website, which crooks embedded with JavaScript malware that took advantage of two patched Microsoft vulnerabilities, in the days leading up to this year’s Super Bowl.

"The popularity of the sites is going to drive hackers (there) to see if they can be compromised," Henry said. "The malware would traditionally be keyloggers and trojans."

Lundbohm said companies should accept the inevitable and not apply a draconian approach to policing the event.

"Each employer should start off with a policy that says, ‘We know you’ll be interested in this – be warned that you’re being watched,’" he said.

Enterprises also should ensure their anti-virus definitions are up-to-date, monitor breaking security news and, perhaps most of all, be flexible. Lundbohm’s company, for example, sets up plasma televisions in conference rooms to deter users from overwhelming the network bandwidth.

Even CBS admits today and Friday are unofficial days-off.

"We here at CBS want to apologize for slowing down the American economy for two days every year, but that is the price you pay for March Madness,'' Sean McManus, president of CBS News and Sports, told the Los Angeles Times this week with a laugh.

Click here to email reporter Dan Kaplan.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.