Thursday, June 13, 2024

March Virus Madness Strains IT Managers


March was a stressful month for IT and security managers as they struggled to keep up with the roaring torrent of new viruses hitting as often as three or four times a day.

Industry analysts say high-tech managers have been under great strain in the past month or two as they worked feverishly to keep their networks bug free. The Netsky and Bagle virus families were mostly to blame, with nearly 50 variants between them hitting the wild.

“We’ve never seen anything quite like this,” says Ken Dunham, director of malicious code at iDefense, Inc., a security intelligence company based in Reston, Va. “The war between these two viruses is quite significant… There was a synergy in these two viruses hitting at the same time. It became an issue of pride and the war broke out.”

That war of viruses has meant that variants have appeared, rolling through the wild, nearly on top of each other. Multiple variants have even hit on the same day. And since each variant is different enough to warrant an update in detection systems and anti-virus software, each variant has called for an emergency update. That has kept the anti-virus community and IT and security managers hopping.

“What’s keeping this going is that the actual pool of compromised machines is so great,” says Steve Sundermeier, vice president of products and services at Central Command Inc., an anti-virus company based in Medina, Ohio. “They’re using those machines, and they’ll use them until the pool is closed. What’s worrisome is that other spammers will see this success, and will try the same methods.”

Sundermeier also notes that while it’s not totally unheard of, it’s rather unusual for a virus, especially two at the same time, to rack up so many variants. The Netsky virus is up to an R variant, and Bagle is up to V. If both viruses keep going, which analysts say they undoubtedly will, they’ll move into double letter range. Once a virus has run its course through the alphabet, new variants will receive names such as Bagle.AA or Netsky.AB.

“A huge part of the problem here is that the variants continue to be successful,” says Sundermeier. “IT professionals always have to be on alert, and so do we. Every successful variant requires an emergency update… It used to be that you were fine with a daily update. We’re posting two, three or four updates in a day, and that kind of strains things.

“You’re only as good as your last update,” he adds.

The Netsky and Bagle viruses not only made the month of March crazy in the virus community, they actually defined it.

Sophos, Inc., an anti-virus and anti-spam company based in Lynnfield, Mass., reported today that the two virus families made up nine out of the top 10 virus rankings for March. MyDoom-A slipped into the tenth spot.

Sophos ranked the top nine viruses as: Netsky-D, Netsky-B, Netsky-C, Bagle-C, Netsky-J, Bagle-E, Netsky-P, Bagle-H and Bagle-J.

The top three Netsky variants racked up a large percentage of the virus-related problems this past month. Netsky-D accounted for 3.2 percent of all reports, while Netsky-B accounted for 12.3 percent and Netsky-C accounted for 11.7 percent.

“The Netsky author wins the dubious accolade of the month’s biggest virus, accounting for almost 60 percent of all reports to Sophos, but the biggest losers are the innocent computer users who have been caught in the crossfire of the Netsky/Bagle spat,” says Carole Theriault, security consultant, Sophos.
