Another Wave of Worms Puts More Stress on IT
The Internet is being hammered with yet another barrage of worms today, making industry analysts wonder if wave after wave of malicious code attacks are taking their toll on corporate IT and security managers.
And security gurus are starting to wonder if wave after wave of malicious code attacks are taking their toll on corporate IT and security managers. How long can they keep up with the anti-virus updates, the software patches and the user panic?
''March is coming in like a lion on the malicious code front and there's no indication that it will go out like a lamb,'' says Ken Dunham, director of malicious code at iDefense, Inc., a security intelligence company based in Reston, Va. ''Internet users are being relentlessly attacked by multiple e-mail worms such as Bagle, Netsky and Mydoom worms... I think it's really wearing people down.''
Since this past Friday, five new Bagle worms have been released in the wild, along with a new worm from Netsky family.
''The Bagle worms use a number of disguises to camouflage their intentions when they arrive in your email inbox,'' says Graham Cluley, senior technology consultant for Sophos. ''But the advice remains the same for each. Never open an unsolicited email attachment.''
Netsky-D, the latest variant in that family, is spreading via email, disguised as a PIF file. While users may know not to open executable files, they may not realize that PIF files are equally capable of being malicious.
This latest slate of attacks comes on the heels of MyDoom-F and Netsky-C, which rampaged around the Internet last week. MyDoom-F seemed to be the more dangerous of the two, spreading more rapidly and carrying quite a malicious payload. Once a computer is infected, it begins to delete files that people tend to use frequently -- Word documents, spreadsheets and JPegs.
''It's actually been a pretty bad couple of months,'' says Natasha Staley, an information security analyst at MessageLabs, Inc., a managed email security provider based in New York. ''Back in January, we got hit with the first MyDoom and then we got hit with Netsky. There's been a rush of infections being released into the wild.''
And Staley says that puts a tremendous strain on IT departments that have been struggling to keep up for more than a month now.
''I wonder if the bigger problem for companies is the continual cycle of virus after virus after virus,'' she adds. ''It must seem like a continual round of calming users and downloading anti-virus updates and fighting fires.
''I think it's becoming more and more difficult to keep on top of these things,'' says Staley. ''It departments are being forced to firefight. They're neglecting core business projects they'd like to get on with. And think about the user panic. If you have users calling up your helpdesk all the time, how are you going to get anything done?''
February 24, 2004
Spam is expected to make up 80 percent of all email by the third-quarter of this year. And analysts blame it largely on the open proxies created by viruses, like Sobig and MyDoom.