Earlier this week, IT security circles were ablaze with near-panic after users of the Norton anti-virus toolkit noticed an unknown file that appeared to be trying to connect to the Internet – often a signal that the file is up to something suspicious.
Theories about the true nature of PIFTS.exe quickly spread across the Internet. Support for one of the more conspiratorial theories – that it was an attempt by Symantec, the company behind Norton, to spy on its customers – was bolstered when topics relating to the file on Symantec’s support message boards were deleted.
Symantec eventually explained all. The file was a diagnostic patch that was accidentally released in an ‘unsigned’ form. In other words, the file was not recognised as legitimate by even the company’s own malware detection software.
The deleted posts were meaningless, it explained, and had contained such pearls of Internet wisdom as ‘O LAWD IM CHOKIN ON PIFTS PLZ HALP’ and ‘OH GOD YOU GOT CHOCOLATE IN MY PIFTS’.
But its reply took too long. Thanks to the popularity of micro-blogging service Twitter, a rumour can now reach millions of people within mere minutes.
Lo and behold, there are now numerous fake sites that purport to explain PIFTS.exe that themselves contain real malware, nicely reflecting the hacker logic that those most worried about threats should be the ones to suffer them.
Security vendors know they need to sprint to keep up with the originators of malicious code. But as this episode reveals, it is not just the software itself that needs to keep up, but also the information about that software as misinformation and fear can easily be exploited.
And the lesson for all businesses is that when consumers are communicating with one another at a lightning pace, they must be able to react to rumour and false information with equal speed.