Even when the original Storm worm was quickly added to antivirus filters, the attacker began to change it. Major new variations were released in February and April 2007, with subtle tweaks still going on today, such as putting the .exe attachment inside a password-protected ZIP file (with the password included in the body of the email). Despite these run-of-the-mill tactics, attackers are still using them to successfully build even bigger botnets.
How can we deal with this? I believe that we need major educational awareness campaigns, not just for corporations and government agencies, but for the public, telling folks to keep their systems patched and to not run .exe email attachments. Corporate security awareness initiatives often get pooh-poohed as ineffective, but what is really needed is a national effort to educate the public, possibly like the McGruff campaign from the National Crime Prevention Council. During a time when crime usually involved physical theft, the campaign emphasized the importance of locking doors and reporting suspicious activity. Today, a good deal of crime is computer-based, and we as an industry need to educate the public accordingly.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Ed Skoudis
Learn how social networking sites compound the insider threat risk, and explore how to mitigate the threat with policy, training and technology. Continue Reading
By viewing a page's HTML source code and writing malicious scripts to a drop-down list, hackers may be able to re-post the malicous page to the ... Continue Reading
Password cracking may be a hacker's specialty, but there are also many strategies to keep passwords secure. Continue Reading