The variant had its own e-mail engine which circumvented anti-virus software and used the search engines to find e-mail addresses to attack, according to Tim Warner, northern European regional sales manager at security firm Finjan. Finjan's approach is to run in an isolated environment any code coming into the network to determine its behaviour. Only code that complies with corporate policy is allowed in.
Analyst firm Gartner advised users to establish a shielding strategy for denial of service attacks that use vulnerabilities which cannot be patched. Such a strategy should include shielding with firewalls, content filters/proxies and URL filters. Users should have an isolation strategy to lock down network segments and disable or manually reconfigure vulnerable software.