Viruses, Worms and Spam Definitions

1
Viruses, Worms and SpamDefinitions

• Virus - unauthorized software, embedded in other
  programs and with the ability to propagate when
  the host program is executed
• Worm - unauthorized software that can exist
  independent of other programs and with the
  ability to propagate itself
• Spam - unwelcome e-mail, typically associated
  with mass mailings

2
Viruses, Worms and SpamThreat Level Assessment

• Viruses and Spam - Dangerous
• Complacency
• Blended attacks
• Vulnerable software
• Reported links to commercial spammers
• Spam - Nuisance
• Not as bad as press reports

3
Viruses, Worms and SpamRecent Experiences

• Netsky and Beagle
• Welchia
• Hoax Viruses

4
Viruses, Worms and SpamNetsky and Beagle

• Blocked by virus scanner
• However
• Flooded with bounced messages
• Personal responses to concerned victims
• Government e-mail service no longer bounces
  infected e-mail, just drops it

5
Viruses, Worms and SpamWelchia worm

• Over 300 computers infected within minutes
• Benign - no visible harm
• Difficult to remove
• Infection often not obvious
• Too many for personal attention
• Exceptional removal program
• Frequent re-infections

6
Viruses, Worms and SpamWelchia worm

• Embedded removal program in start-up script
• Used firewall and Internet traffic monitor to
  find infected computers
• Applied patches from Microsoft
• Took about 4 weeks to remove still not 100 sure

7
Viruses, Worms and SpamWelchia worm

• Consequences
• Wasted time
• Blocked from some web sites
• Corrective action
• Anti-virus on all computers
• Periodic scan for computers that have no
  anti-virus protection
• New patch management initiative

8
Viruses, Worms and SpamHoax Viruses

• Nigerian Letters
• Jdbgmgr.exe
• Almost as disruptive as real viruses

9
Viruses, Worms and SpamProtective Actions

• Contingency plan
• Awareness
• Automated virus signature update
• Patch management