Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Doomsday - One Year On

  • 27 January, 2005 11:03

<p>At 13.26pm on 26th January 2004, MessageLabs, the world’s leading provider of email security services to business, intercepted its first copy of W32/MyDoom.A. Within the first twenty-four hours, the company had stopped over 1.2 million copies.</p>
<p>MyDoom.A, which achieved a peak infection rate of 1 in 12 emails, has proved to represent a landmark in the history of computer viruses, and the legacy lives on….</p>
<p>Convergence</p>
<p>MyDoom.A was not the first worm to demonstrate how effectively virus and spamming techniques could be combined, but it is still the most successful, and signalled the beginning of the widespread use of this method. Viruses and spam were once separate types of email attacks, but financial incentive has led to significant technical malware developments. Today, almost every virus MessageLabs stops is capable of aiding spam distribution.</p>
<p>The backdoor element of the malicious code also enables infected machines to be commandeered to launch denial of service attacks or perform other nefarious acts.</p>
<p>The window of vulnerability</p>
<p>MessageLabs intercepted its first copy of MyDoom.A at 13.26pm. Almost ten hours later anti-virus software vendors began releasing signature files to detect it. During that window of vulnerability, MessageLabs had already stopped approximately 170,000 copies of the worm, firmly establishing itself as a high-risk outbreak. It is impossible to accurately identify the number of machines infected during the initial ten hours of the outbreak, but it should be remembered that the 170,000 copies intercepted by MessageLabs only represents email scanned on behalf of its customers.</p>
<p>Plague of the virus variants</p>
<p>As MyDoom and its descendants have demonstrated, the window of vulnerability is well known and is commonly exploited by cyber-criminals. Viruses are no longer built to last, but often take a smash and grab approach. They are designed to infect the greatest number of machines before anti-virus software vendors have issued identity files.</p>
<p>By the time signatures are deployed the damage has been done – and the next variant of the virus is ready for release. The MyDoom family comprises more than 30 variants to date.</p>
<p>Top of the charts</p>
<p>The mass-mailing worm also spread via file sharing service, KaZaA, and had the ability to randomly generate or guess likely email addresses to send itself to. In a more sophisticated twist on the average mass-mailing worms seen previously, MyDoom.A also deployed subtle social engineering to dupe users into thinking it was a mail delivery error message. The combination of these methods ensured that 12 months on it was still the most widespread virus outbreak of 2004.</p>
<p>A lesson learnt?</p>
<p>As criminal involvement in the virtual world continues to accelerate, security attacks will increasingly be financially motivated. This will drive the development of more sophisticated malware and the frequency with which it is released as hackers work to ensure maximum impact.</p>
<p>Alex Shipp, MessageLabs’ Senior Anti-Virus Technologist, comments, “MyDoom.A represented a step change in the virus landscape indicating an apparent change in the prime objective of virus writing. As a result, ensuring that a company is protected against the continual stream of malware outbreaks now encountered poses a disruptive and challenging force for any IT department, particularly those using traditional, reactive security solutions.</p>
<p>“In 2004, the security industry acknowledged that if the window of vulnerability could be reduced to three hours or less, mass-mailing viruses could be a thing of the past. But, traditional anti-virus software is unable to meet this challenge. Consequently, multi-layered security defences incorporating proactive virus detection techniques will increasingly be adopted by organisations to combat the more complex, fast-spreading blended threats that are now commonplace.”</p>
<p>About MessageLabs</p>
<p>MessageLabs is the world's leading provider of email security and management services with more than 10,000 clients and offices in 12 countries. For more information, please visit http://www.messagelabs.com</p>

Most Popular

Most Popular Reviews

Join the newsletter!

Error: Please check your email address.

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?