Defending Against Worm Wave Is A Tough Task

While it's not difficult to stymie one worm, it's a different story when that one becomes a legion, a tsunami that just keeps coming, said security analysts Thursday as they offered up advice on how to handle waves like this week's.

Unfortunately, said Ken Dunham, the director of malicious code research at iDefense, "there's no single magic bullet and no comprehensive patch against all of these new worms."

Chris Potter, an analyst at PricewaterhouseCoopers in the U.K., agreed. "Anti-virus software alone doesn't solve the problem."

That's not surprising, what with the sheer number of worms that have struck in the last seven days: 16 by Network Associates' count, including 9 Bagles, 4 Netskys, 2 MyDooms, and 1 lonely Hiton.

Because all of these worms deliver their payloads disguised as file attachments to e-mail messages, the oldest advice remains the best. "First and most important -- and this is a social engineering aspect that's a little hard to master -- don't open or execute unexpected e-mail attachments," said Brian Foster, the product manager for Symantec's anti-virus group in a Web conference Wednesday.

That works, of course, but as the dramatic spread of some of these worms shows, not everyone heeds the advice. The problem is that worms hijack addresses from infected machines to propagate, leaving the next victim to believe that the message comes from someone he or she knows, and it, and its attachment, can be trusted.

Wrong.

"If you're not expecting an attachment from somebody, be wary of opening [it]," Foster said.

The link for this article located at SecurityPipeline.com is no longer available.