On Monday, January 26, 2004, a malicious computer virus was detected. The virus has various names, including Mydoom and Novarg.
The severity of the virus has been rated 4 on a scale of 1 to 5 by Symantec. It was classified as both highly destructive and highly pervasive by Computer Associates.
Why is The SCO Group concerned?
According to Computer Associates, "The worm attempts to perform a Denial of Service attack against www.sco.com. The attack is timed to be performed between the 1st and the 12th of February, 2004". The virus also targets other Websites.
Cyber-terrorism is so wide-spread, causing hundreds of millions of dollars of damage to businesses of all sizes, that the newly-created Department of Homeland Security, including the Federal Bureau of Investigation, proactively investigates the presence of worms, viruses, and denial-of-service attacks.
Why should you be concerned?
Viruses and other malicious programs are sent across the entire Internet, causing Web performance to suffer. Typically, that would not be too much of a problem when you are trying to send or receive an email about Aunt Pearl.
But for millions of people whose livelihood is tied to the Internet, people such as telecommuters, business persons traveling out of their offices, and others who rely on the transfer of vital business information -- including contracts, payment transactions, invoices, and the purchase or sale of securities (stocks, bonds, and the like) -- the slowdown of the Internet can be devastating.
It has been estimated that the Mydoom virus will cause hundreds of millions of dollars in direct and indirect damages to businesses around the world. (See CNNMoney.com.) Some estimate that the financial impact of the virus could approach a billion dollars. See Yahoo News.
If you are a SCO partner, you might find that you cannot order products online; and if you can place the order, the Internet traffic may be so jammed by the email these viruses create that you may not receive confirmation of your orders.
How can I check to see if I have the virus?
Several companies have published detailed instructions for checking to see if your computer system is infected. We recommend the following sites:
- McAfee provides a free download of Stinger, a stand-alone utility used to detect and remove Mydoom and about 50 additional viruses.
- Microsoft Corporation has provided detailed instructions for sanitizing Windows(R) operating systems.
- Computer Associates provides a free download of cinmydoom.zip to clean a local machine affected by Win32.Mydoom.A and its variants.
What can I do to eradicate the virus?
The sites listed above provide free assistance in detecting and removing the Mydoom virus from your computer system. In addition, we recommend that you purchase virus protection software for each of your computer systems. Then, keep it updated regularly.
What long-term steps should I take to protect against future viruses?
There are a few very simple steps you can take to guard against receiving worms and viruses:
- Do not open any email from a person whom you do not know.
- Do not open any attachments to email unless you are certain of the contents.
- Do not download any documents or programs from any Website that you do not know to be reputable.
- Do examine the email sender's name and the subject of the email before you open the email. If you do not recognize the name of the person OR if the subject of the email appears out of character with the person whose name you do recognize, delete the email without opening it.
- Do back up your data files to floppy disk or CD periodically. The rule of thumb for making backups: always make a backup when you can't afford to lose everything on your computer system.
- Do purchase virus protection software. Virus protection software from reputable companies does work to check an existing computer system and to check files that you receive by email or by downloading from the Internet.
- Do update your virus protection software often. Hackers who create viruses pride themselves on being able to bring down the Internet and to disable targeted companies' ability to do online business. Like political or religious terrorists, virus hackers love to receive the attention and notoriety from the damage they inflict.
- Do delete junk email (spam) without opening it.
- Do not respond to junk email. By responding, your email address becomes a target of more junk email.
Worms, Viruses, and Trojan Horses. What does it all mean?
- Viruses are computer programs that cause unexpected results when executed.
- Worms are pieces of code embedded in graphics, word processing documents (though not strictly text documents), spreadsheets, and attachments to emails, such as zipped (compressed) files. They replicate themselves inside the "host" computer, utilizing that computer's memory and disk storage resources in the process. Often they "read" that computer's email phone book, and begin sending copies of themselves to everyone on the list.
- Trojan Horses are malicious programs that have innocent-sounding names.
Often, the terms "virus" and "worm" are used interchangeably. All viruses, worms, and trojan horses have the same effects:
- They can utilize computer memory and disk storage space
- They can propagate themselves so that the computer user may unwittingly spread the virus to another's computer system by sending a contaminated document
- They can tie up Internet resources, blocking legitimate packets of information from reaching their destination
- They are an expression of misguided passion
Isn't cyber-terror a Federal crime?
Yes, it is. Cyber-crimes, which include the creation of malicious viruses, are investigated by the Federal Bureau of Investigation. Rather than innocent, harmless pranks, the creation of viruses is a Federal offence, punishable by stiff fines and prison time.
VAR Business Insider News is quoted as saying, "National Cyber Alert System Goes Into Effect. The Department of Homeland Security is stepping its efforts to coordinate the impact of cyber-threats, today launching the new National Cyber Alert System, the first coordinated system for prioritizing and alerting participants of the vulnerability and risks resulting from viruses, denial-of-service attacks and other computer threats."