Users behaviour helps spread viruses

Last month saw the Sobig.F e-mail virus spread through the online world like wildfire. Disseminated by unsuspecting users, the malicious code caused untold downtime and service degradation.

  • E-Mail
By  Matthew Southwell Published  September 7, 2003

Last month saw the Sobig.F e-mail virus spread through the online world like wildfire. Disseminated by unsuspecting users when they opened infected file attachments, the virus resent itself to e-mail addresses stored on the infected computer. Within a week, the malicious code had initiated approximately 200 million e-mails and caused untold downtime and service degradation.

“Sobig.F almost achieved the infection rates of Lovesan, a network worm still spreading worldwide, within one day of being out in the wild,” says Denis Zenkin, head of corporate communications at Kaspersky Labs.

“The Sobig.F epidemic is the most serious outbreak we have witnessed within the last year and a half. Only Klez, an e-mail worm identified in October 2001 and still ‘wandering’ about in the wild, has infected more computers than Sobig,” he adds.

Although the virulence of Sobig.F took many by surprise, it should not have done. Last month’s version was the sixth iteration of the code and its modus operandi had been experienced on five different occasions since January. The fact that the virus did wreak so much havoc indicates that users still have much to learn when it comes to preventing infection.

“It is beyond me why people are not downloading patches and fixes to prevent infection,” says Justin Doo, managing director of Trend Micro Middle East, Africa & Benelux countries. “Maybe people don’t see these things [viruses] as a threat, or maybe it’s a lack of dedicated IT staff,” he adds.

Other vendors blame a lack of internal security policies and processes. For instance, Vernon Fryer, head of information security at IMT, suggests that while many end users have firewalls in place, most security administrators cannot provide daily logs because they simply do not check their systems.

“Organisations are spending a lot of money on security solutions and implementing them, but they are not managing them correctly. The reasons for this are a lack of skills and a lack of proper policies and procedures,” he says.

“Users have to understand the trend analysis of what is taking place in their security environment. People are erecting the barriers and then slipping into a comfort zone and not looking at it every day. This means that the security product is not utilised to its fullest extent,” Vernon adds.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code