|
|
Enron Mail |
MARKET NOTICE
December 5, 2001 CAISO Antivirus Program ISO Market Participants: As you know, yesterday (December 4, 2001) hundreds of thousands of e-mail users were hit by the "Goner" worm virus. Unfortunately, e-mail messages from the ISO inadvertently spread this virus to many of your work stations. The ISO is very concerned that it not spread such viruses either within the CAISO or to the ISO's Market Participants. We sincerely regret any inconvenience this may have caused you. Several Market Participants have asked about the ISO's procedures for protecting against and responding to computer virus attacks. We would like to update you on our procedures that allow the ISO to detect a virus, isolate it quickly, implement countermeasures until the antivirus upgrade is available and clean and restore our systems (servers and PCs). The California ISO sends and receives thousands of electronic messages every day because of who we are and what we do. During the normal course of business, the majority of these messages contain attachments exchanging and providing information. One method used by malicious programs (Viruses, Worms, and Trojan-Horses) to spread is by electronic mail. It is the attachment that carries the malicious program, not the email itself. So, when a user opens an infected executable file, the malicious program is activated and initiates what it is programmed to do. Examples of executable files that may be infected include, but not limited to, Word documents (.doc), Excel spreadsheets (.xls), or Visual Basic files (.vbs). CAISO's Antivirus Program uses a three-tiered approach where scanning (detect, clean or delete) is performed on email messages with attachments at the Gateway Servers, the Mail Servers, and Users' PCs and Laptops. All incoming and outgoing email with attachments are scanned for all known viruses. That is a key element of an antivirus program. New viruses or new strains of computer viruses, worms, and Trojan-Horses are discovered at an alarming rate. Antivirus manufacturers try to keep up with the new discoveries and try to be the first to market with the updates. There are over 50,000 known active viruses circulating the Internet today. On December 4, CAISO experienced a malicious program--Goner Worm--attack that contaminated our electronic mailing system sometime around 8:30 a.m. The Goner Worm was a brand new program so our antivirus software was unable to detect it. Antivirus software manufacturers discovered this worm on December 4, between 7:00 and 8:00 a.m. Later that day, most manufacturers developed an update to address the Goner Worm. CAISO received the new update around 12:00 p.m. and by 3: 30 p.m. our Antivirus Team had our email system fully restored and functional. Unfortunately, during the time it took to recover (about 5.5 hours), many messages were sent out automatically. We apologize for any inconvenience this may have caused you. CAISO strongly recommends that all users take prudent measures to protect themselves from malicious program contamination. Precautions all users should consider include: * Unsolicited email messages with attachments from unknown origins should not be opened, but deleted. * When in doubt, DELETE. * All email attachments must be scanned before opening. * Ensure that your antivirus software is updated regularly and often. Although we are confident that our precautions ensure virus free attachments, it is always prudent to always scan the attachments with your own antivirus software. Please contact your internal IT security department for additional information regarding your antivirus program and procedures. Client Relations Communications.0715 CRCommunications@caiso.com <mailto:CRCommunications@caiso.com<
|