Establishing Digital Trust: Don't Sacrifice Security for Convenience
And security gurus are starting to wonder if wave after wave of malicious code attacks aretaking their toll on corporate IT and security managers. How long can they keep up with theanti-virus updates, the software patches and the user panic?
''March is coming in like a lion on the malicious code front and there's no indication that it will go out like a lamb,'' says Ken Dunham, director of malicious code atiDefense, Inc., a security intelligence company based in Reston, Va. ''Internet users arebeing relentlessly attacked by multiple e-mail worms such as Bagle, Netsky and Mydoomworms... I think it's really wearing people down.''
Since this past Friday, five new Bagle worms have been released in the wild, along with anew worm from Netsky family.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i The Bagle worms, which are being classified as variants C through G, are spreading quicklyacross the Internet.
''The Bagle worms use a number of disguises to camouflage their intentions when they arrivein your email inbox,'' says Graham Cluley, senior technology consultant for Sophos. ''Butthe advice remains the same for each. Never open an unsolicited email attachment.''
Netsky-D, the latest variant in that family, is spreading via email, disguised as a PIFfile. While users may know not to open executable files, they may not realize that PIF filesare equally capable of being malicious.
This latest slate of attacks comes on the heels of MyDoom-F and Netsky-C, which rampagedaround the Internet last week. MyDoom-F seemed to be the more dangerous of the two,spreading more rapidly and carrying quite a malicious payload. Once a computer is infected,it begins to delete files that people tend to use frequently -- Word documents, spreadsheetsand JPegs.
''It's actually been a pretty bad couple of months,'' says Natasha Staley, an informationsecurity analyst at MessageLabs, Inc., a managed email security provider based in New York.''Back in January, we got hit with the first MyDoom and then we got hit with Netsky. There'sbeen a rush of infections being released into the wild.''
And Staley says that puts a tremendous strain on IT departments that have been struggling tokeep up for more than a month now.
''I wonder if the bigger problem for companies is the continual cycle of virus after virusafter virus,'' she adds. ''It must seem like a continual round of calming users anddownloading anti-virus updates and fighting fires.
''I think it's becoming more and more difficult to keep on top of these things,'' saysStaley. ''It departments are being forced to firefight. They're neglecting core businessprojects they'd like to get on with. And think about the user panic. If you have userscalling up your helpdesk all the time, how are you going to get anything done?''