News

Gartner: MyDoom could be one of the most damaging worms ever

Cliff Saran

The MyDoom worm that hit businesses last week was one of the fastest-spreading attacks ever and could also prove to be one of the most damaging, according to Gartner.

The analyst company said MyDoom could be an attempt to create a large population of infected PCs that could be used for a future, more damaging attack involving mass password and identity theft. It warned users to step up their security measures.

Gartner advised users to quarantine all incoming e-mail containing attachments until desktop and e-mail anti-virus signatures have been updated.

It said IT departments should scan all Windows PCs to detect any Trojan horse programs that have been installed and block incoming e-mails that contain attachments. Gartner also recommended that users review exposed systems for vulnerability to co-ordinated external attacks.

Network security firm TruSecure advised users to block unencrypted Zip attachments. Jay Heiser, principal analyst at TruSecure, said, "It is essential that end-users do not open Zip files."

He said users should avoid sending Zip e-mail attachments - and if they must send them, use the encrypted Zip format.

In the long term, Heiser said, "Public key infrastructure would solve the problem of e-mail-based viruses as it would provide a way to authenticate the sender address in an e-mail message." In other words, a company could use PKI to allow only e-mail from authenticated addresses to pass into the corporate e-mail system.

A side effect of the problems users faced last week was that valuable bandwidth was used up by corporate e-mail servers sending notification messages to warn e-mail users about MyDoom.

In the first five days of the attack, MessageLabs' anti-virus service stopped 7.5 million copies of the virus. About 35% originated in the US, 26% in the UK and 4% in Australia. The worm has been reported in 211 countries.

SCO and Microsoft, which were targeted by MyDoom, have each offered a £135,000 reward for the capture of the worm's author.

US wants UK hacker to pay damages       

The US government is demanding £21,000 compensation from teenage hacker Joseph James McElroy after he admitted hacking into systems at the Fermi National Accelerator Laboratory in Chicago.  

McElroy, due to be sentenced this week at Southwark Crown Court, stored hundreds of gigabytes of film and music files in a private bulletin-board on the lab's systems.  

The compensation demand, believed to be the first of its kind in the UK, is likely to set a precedent for future hacking trials.  

McElroy, now a first year computing student at Exeter University, was arrested at his parents home in London following a joint investigation by the US Department of Energy and Scotland Yard's computer crime unit.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy