Viruses & Malware

Throughout this latest swarm of Netsky and Bagle computer viruses, I've been trying to dream up a way we can all work together to reduce the number of viruses and worms spread on the Internet. It's not easy. Most of our current computer security strategy is based on after-the-fact mitigation, and we don't focus enough resources on prevention. Sure, good networks are built on trust, but no matter how many firewalls and antivirus scanners you install, it takes only one Typhoid Mary computer to infect a whole network.

Protecting business infrastructures against digital attack is now an everyday necessity. In 2003, an average of seven new security vulnerabilities were identified every day.
While figures suggest this number may have stabilised, the threat that businesses face from viruses shows no sign of abating.

Viruses and worms are becoming more sophisticated, and when it comes to working out the best strategy and, indeed, tools to protect your business, it can be a veritable minefield.

No need to double-click to be infected by Netsky-V the new Netsky-V worm (W32/Netsky-V) spreads without using email attachments to infect. Other widespread versions of the Netsky worm have infected users by tempting them to double-click on an email attachment, but Netsky-V exploits security loopholes in Microsoft's software that mean users can be hit just by reading an email. Emails containing the exploit, which can use subject lines such as 'Converting message.

Four out of the five Web sites targeted by a Netsky worm DDoS attack have either been knocked over, or had to change their Web address to remain accessible

File-sharing network eDonkey's main Web site has been knocked offline following an attack from Netsky, but Kazaa has survived -- so far

The latest versions of the Netsky e-mail worm spreading on the internet may be the work of a different author, antivirus software companies believe.

Netsky.S appeared on Monday and Netsky.T was detected the following day. They are the 19th and 20th editions of an e-mail virus that first appeared in February.

Unlike earlier variants, the latest strains open "back doors" on machines they infect, prompting at least one antivirus expert to declare the worm the work of a different virus author.

The "Witty" worm appeared on March 19th, and within a few short days it completed its mission and effectively disappeared. It received minimal coverage by the major news media outlets and for many people it has already been largely forgotten, a mere blip on the radar among so many blips of new viruses and virus variants that appear each week. If the Witty worm didn't affect you, as is the case for most people, you probably don't care. But you should.

A number of factors and failings came together to make the August 14th northeastern blackout the worst outage in North American history. One of them was buried in a massive piece of software compiled from four million lines of C code and running on an energy management computer in Ohio.

Antivirus firm Network Associates today raised to 'medium' its risk assessment of the recently discovered Windows worm Sober.f.
Sober.f is a prolific worm that spreads via email, sending itself to addresses found on the victim's machine.

The worm has many of the same functionalities as its predecessors: it comes in the form of an attachment and contains a varying filename.

Users need to manually run the attachment in order to be infected.

New data from Microsoft suggests that at least eight million Windows computers have been infected by the MSBlast, or Blaster, worm since last August - many times more than previously thought. The latest data comes from the software giant's ability to track the usage of an online tool that its engineers created to clean systems infected with the worm.

Since this latest swarm of medium-threat viruses started , I've gotten a fair number of e-mail messages claiming I sent someone a virus. Well, I didn't. Not only do I have a corporate gateway to stop incoming viruses, my desktop also runs an enterprise version of an antivirus program.

I've become a victim of what I call "viral-borne identity theft," a.k.a. spoofing. Here's what e-mail spoofing is and what you should be aware of. But I'll warn you up front: there's not a whole lot you can do to stop spoofing except minimize your exposure.