By Susan B. Shor TechNewsWorld
03/29/05 1:42 PM PT
The latest mass-mail worm to attack unprotected computers is Mytob, which first appeared at the beginning of the month but returned as a threat last week with eight new variants, two of which were reported by security firm Symantec (Nasdaq: SYMC) yesterday.
As with other mass-mail worms, Mytob uses its own SMTP engine to send e-mail to addresses that it finds on computers it infects. It also may block access to security Web sites and open a backdoor, allowing others to access the computer and modify data on it.
Various Subjects
The variants are labeled mytob.l through mytob.s. The subject of e-mails carrying the worm varies. Mytob has been getting low or moderate danger ratings and is not difficult to remove.
"What is surprising to me about this type of mass-mailing worm is the fact that we continue to be susceptible to them. There are a number of barriers to infection already, but still this type of malware seems to slip through the cracks," Ed Moyle, president of SecurityCurve, told TechNewsWorld, pointing out all the filtering and antivirus products that are both integrated into e-mail clients and available for separate purchase.
"Even if all the countermeasures fail to intercept the worm, users have been repeatedly warned not to run attachments that they receive through e-mail. But still all these things fail enough for these worms to propagate," he said.
Businesses Getting Smart
On the other hand, Moyle said enterprises have become more savvy about protecting themselves from cyber-threats.
"I think in general enterprises are more prepared for malware in today's world than they have been in the past. Most larger enterprises have an incident response team in place with procedures in handling this type of outbreak, but trying to completely prevent an outbreak in any size enterprise is very difficult," he said.
"In a large enterprise, trying to track and manage individual machines within the enterprise is a huge undertaking. Looking through thousands of machines for the dozen or so that are unpatched, that have open shares, or that don't have updated antivirus protection is like trying to find a four-leaf clover in a baseball field or a needle in a haystack."
Small companies, however, may not have the resources to rapidly respond to a malware outbreak. The advice for avoiding Mytob is as usual: Do not open any attachments or start any executables if you aren't sure what they are.