Grammy Show Will Generate IT Security Problems For BusinessesGrammy Show Will Generate IT Security Problems For Businesses

With millions of people expected to tune in to the 49th annual Grammy Awards this Sunday, security professionals are predicting that a large percentage of them will be sipping their coffee and downloading new music Monday morning instead of working on those corporate projects and spreadsheets. Since free music downloads often mean major malware trouble, those music lovers won't just be wasting time, they'll be putting their companies' networks at risk.

"You watch the Grammys and then go out searching for a free download of the song. Beware of geeks bearing gifts," warns David Perry, global director of education at TrendMicro. "It might not be a download of a song. It might be a Trojan."

Perry and other security professionals warn both consumers and IT managers to stay away from free music download sites. Perry points out that free sites often are the source of more malware than music. According to JupiterResearch, global online downloads of single music tracks increased 89% to 795 million last year, and it's expected to continue to grow rapidly. That means there are millions of people putting themselves -- and their companies' data -- at risk.

Trojan downloaders, such as the current troublemaker Zlob, are showing up on music and video download sites. When users try to download free songs, they actually may be getting Trojans instead. If the music isn't downloaded, users might just think it was a problem link and move on to another site, unaware that their machines are infected. A Trojan opens up a virtual back door in a computer, allowing in other pieces of malware and giving the hacker remote access to the system, making it a zombie.

Industry analysts say hackers unleashed an army of these zombie computers earlier this week when they attacked the 13 root servers that help handle global Internet traffic. Some security professionals say the botnet of zombies may have numbered in the millions.

"If you're a fan of the music you hear on the awards, the thing to do is go to the legal online shops to buy it," says Graham Cluley, a senior technology consultant with Sophos. "Don't go to the pirated sites. It's breaching copyright, but it also might be malicious. You might think you're just downloading Shakira, but if you're downloading from a file-sharing site, you might be getting a virus instead. Popular artists have been used this way before."

Both Cluley and Perry warn IT managers that they need to send out alerts to users this week, telling them not to download music at work and educating them on the dangers involved with free file-sharing sites. Make sure there are policies against such actions, and make sure employees know what the policies are. IT managers also should set up software to enforce those policies so the rogue employee won't wreak havoc on the network.

Nearly 87% of IT managers want to block peer-to-peer file sharing on their networks, says Cluley, quoting a Sophos survey. And 79% say it's essential to block it.

"This goes on continuously, but the Grammys expose a lot of people to new music and then they go out and get themselves in trouble," says Perry. "Tell people to stick to known channels of distribution. We're not seeing any of this coming across from iTunes or Amazon.com or Barnes & Noble. As W.C. Fields said, 'You can't cheat an honest man.' "