September, 2005

Windows Zotob Worm Hits Users!

Once again, after repeated claims by Microsoft that their product is secure, we see quite dramatic loss of time and money caused by open gates (if you'll forgive the pun) allowing worms to find their way into the Windows Operating System.

The most recent noteworthy event took place in Mid August. A variant of the Zotob Worm hit GM's South Australian production facility Windows 2000 computers, causing loss of production in the order of $6.5 Million. CNN and the New York Times were among affected companies in the US.

The most serious aspects of these recent attacks are:

• the activity appears to be related to organised crime. Some variants of the Zotob worm have the capacity to report back to 'master' automatically; to be quite clear, capable of transferring confidential information out of your computer without your knowledge.
• the typical spread of a worm or virus is much more rapid than it's corresponding fix - that is, while it will of course be fixed, and was in this case quite rapidly, that fix will always be too late to save a significant number of users from real damage.

With criminals beginning to fully realise the potential to steal private information and/or cause commercial damage for profit; and with windows viruses classified as 'in the wild' numbering into the thousands and climbing is it now best described as 'brave,' or just plain irresponsible, to connect a Windows computer containing sensitive information (or being used for sensitive operations like Internet banking) to the Internet?

For a graphic account of the average time before an Internet connected computer is probed by malicious software, visit:
http://isc.sans.org/survivalhistory.php

Needless to say, had the affected organisations above been using Linux they would have lost nothing!   Linux will remain highly resistant to this type of attack for the forseeable future. Read why.