The Internet is being hammered with yet another barrage of worms today, making industry
analysts wonder if March will be as bad as the last two months have been.
And security gurus are starting to wonder if wave after wave of malicious code attacks are
taking their toll on corporate IT and security managers. How long can they keep up with the
anti-virus updates, the software patches and the user panic?
”March is coming in like a lion on the malicious code front and there’s no
indication that it will go out like a lamb,” says Ken Dunham, director of malicious code at
iDefense, Inc., a security intelligence company based in Reston, Va. ”Internet users are
being relentlessly attacked by multiple e-mail worms such as Bagle, Netsky and Mydoom
worms… I think it’s really wearing people down.”
Since this past Friday, five new Bagle worms have been released in the wild, along with a
new worm from Netsky family.
The Bagle worms, which are being classified as variants C through G, are spreading quickly
across the Internet.
”The Bagle worms use a number of disguises to camouflage their intentions when they arrive
in your email inbox,” says Graham Cluley, senior technology consultant for Sophos. ”But
the advice remains the same for each. Never open an unsolicited email attachment.”
Netsky-D, the latest variant in that family, is spreading via email, disguised as a PIF
file. While users may know not to open executable files, they may not realize that PIF files
are equally capable of being malicious.
This latest slate of attacks comes on the heels of MyDoom-F and Netsky-C, which rampaged
around the Internet last week. MyDoom-F seemed to be the more dangerous of the two,
spreading more rapidly and carrying quite a malicious payload. Once a computer is infected,
it begins to delete files that people tend to use frequently — Word documents, spreadsheets
and JPegs.
”It’s actually been a pretty bad couple of months,” says Natasha Staley, an information
security analyst at MessageLabs, Inc., a managed email security provider based in New York.
”Back in January, we got hit with the first MyDoom and then we got hit with Netsky. There’s
been a rush of infections being released into the wild.”
And Staley says that puts a tremendous strain on IT departments that have been struggling to
keep up for more than a month now.
”I wonder if the bigger problem for companies is the continual cycle of virus after virus
after virus,” she adds. ”It must seem like a continual round of calming users and
downloading anti-virus updates and fighting fires.
”I think it’s becoming more and more difficult to keep on top of these things,” says
Staley. ”It departments are being forced to firefight. They’re neglecting core business
projects they’d like to get on with. And think about the user panic. If you have users
calling up your helpdesk all the time, how are you going to get anything done?”