« PhishTank Seeks Bigger Tank | Main | What Does Spam Cost? »

As this blogger, and many others, report on the aftermath of the "storm" worm, one of the reasons for the worms effectiveness is the very fact that many thought this type of malware attack was obsolete.

Because of the effectiveness of blacklisting, along with content pattern matching, cyber criminals have largely abandoned large scale attacks in favor of micro-attacks, which are small and specific to certain industries and designed to stay under the radar to avoid detection. So most security experts concluded that the days of massive worldwide Sasser like attacks were a thing of the past. Click here for the Wikipedia explanation of 2004's Sasser computer worm.

One aspect of the storm worm that has come into favor with malware is its use of social engineering. Computer users, and people in general, seem to fall for headlines that warn of imminent massive threats or reports of a large number of deaths. I guess this is just like the local evening news that go by the saying, "If it bleeds, it leads." Triggering the all-too-human flight or fight syndrome seems one of our most unavoidable impulses, and apparently the perfect delivery mechanism for malware.

Symantec gave the storm worm a 3 rating, which is rare, as they mostly only rate malware at a 1 or 2. Some question whether the storm worm really merited so much media coverage, with some saying storm's overexposure was the result of a slow news week. All I know is that one company I work for had their email completely shut down for an entire day this week, and while we were uncertain of the bugs true origins, it sure seemed to bear all the hallmarks of the storm worm.

Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/1228