Hundreds of thousands of computers have already been infected by the fast-spreading MyDoom worm, which has toppled the website of US SCO Group and now has software leader Microsoft in its crosshairs.
This effectiveness, especially in harnessing an army of computers to bombard sites with data, means copycats may be used by hackers and activists, said the top anti-virus official at Finland’s F-Secure. The firm works with various law enforcement agencies on a number of cyber criminal investigations.
“You could use exactly the same technique, or even a little bit more advanced technique… to carry out your own agenda and take down the sites you want,” said F-Secure Anti-Virus Research Director Mikko Hypponen.
“This is a much larger attack network than anything we have seen before. With this kind of horsepower you could take down not just one site, you could take down thousands of sites – big sites – at the same time and keep them down for quite a while.”
In the past three years, a series of increasingly sophisticated worm outbreaks have been used to get across a political message or blackmail businesses. Victims range from Caribbean gambling sites to Pakistani government ministries.
Ero Carrera, of Finnish company,
MyDoom emerged last week in the form of a spam e-mail message containing a well-disguised virus attachment. It was programmed to take control of unsuspecting computer users’ PCs, from which an attack was launched on SCO on Sunday.
When activated, the effect was like hundreds of thousands of users refreshing SCO’s home page at the same time, crippling the site.
“This showed the bad boys the virus works… if you want to do something like this, you can,” Hypponen said.
He said while the virus was effective against smaller companies, an attack on Microsoft would likely fail as the firm’s site was built for heavy use. Plus, the strain of the virus is less potent than the one used against SCO.
Hypponen also said MyDoom could also prove to be a smokescreen, leaving the door open for future use of the infected computers by the virus writer.
“It is creating a back door to a million computers in the world at the same time, which could be used to do lots of nasty things, especially sending spam,” he said.
“It is creating a back door to a million computers in the world at the same time, which could be used to do lots of nasty things, especially sending spam”
Hypponen said companies have some options when trying to guard against or mitigate the effects of an attack.
One route is to hire web hosting firms specialising in defending against such attacks. If all else fails, companies have little option but to pull the site from the Web.
But with viruses increasingly well-hidden, Hypponen said the responsibility for protection ultimately will come down to technology firms because people have proven they cannot resist clicking on mysterious attachments.
“I’ve lost my faith in education. It never helps, people will never learn… They will click on everything,” he said.