It is often the case that infrastructure teams only really get noticed when something goes wrong. Synopsys’ Information Security and Web teams had the dubious honor of being put in the spotlight last week when the company’s website, Synopsys.com, was attacked. On January 3, 2013, Chrome and FireFox users trying to access Synopsys.com started receiving warning messages about potential malware being present on the site.
Synopsys is not alone. According to security firm McAfee, the frequency of malware attacks is now growing at the fastest pace in four years and there are now more than 90 million unique strands of malware in circulation. Websites are probed by different bots (computer programs that perform automated tasks) hundreds, if not thousands, of times every day. In most cases, existing web security programs, anti-viral software and firewalls prevent infection.
Synopsys was more than prepared for the one bot that made its way into the site. With a formal response plan in place, the teams got to work evaluating the extent of the problem and quickly determined that only the external Synopsys-maintained webpages had been affected, that no data had been lost and that no secure information had been compromised. The malware was identified, quickly eradicated and additional security updates were implemented.
Clearly, the system works. Synopsys.com was affected for only a matter of hours. While no company wants to experience a malware attack, it can be a great opportunity for IT and web teams to demonstrate the strength of security systems and their ability to quickly resolve a crisis.