News Stay informed about the latest enterprise technology news and product updates.

Mydoom-A infects a third of organizations polled

Results from last week's mini-poll on Mydoom-A reveals how companies responded and were affected by this worm.

Though it raced around the Internet last week, the Mydoom-A outbreak last week didn't spell disaster for the vast...

majority of security managers. A poll conducted by found that the worm infected 33% of 132 organizations surveyed but did minimal damage in most cases.

"Just a few of our users opened the worm before we installed our antivirus signature updates," said Clay Ruth, software systems engineering manager. "Both of our antivirus vendors (Trend Micro and F-Prot) came through quickly, so we had the updates online less than two hours after the worm first arrived in our mailboxes. The updated scanners promptly identified the infected systems and stopped the worm in its tracks."

Most of those polled (87%) said Mydoom-A caused little or no damage to their systems while 9% said that its impact was worse than Sobig-F, which caused headaches for a number of security teams because of numerous messages sent back to the spoofed from addresses.

Some had close calls because of interconnected systems. "We saw what appeared to be an infection in one contractor workstation that had connected to our network," said Mark Amos, the information security manager at Owens Corning. "However, we have a rather heavy layered defense so the worm could not propagate."

Amos's approach paid off. "We block executables coming into the corporation and examine .zip files for executables as well," Amos said. "Because of an early warning from Symantec we blocked all .zip files for about 20 hours as an additional precaution."

Many organizations that weren't infected by Mydoom-A still felt its wrath.

"My organization's mail server has received hundreds of mail messages destined for non-existing users," said Arik Baratz, a system engineer at Vidius. "I've (spent a lot of time) deleting the non-delivery notifications. My 30+ users are, however, uncharacteristically smart, and will not run an executable even in disguise."

Others agreed that the traffic was quite significant. "We're filtering nearly two thousand per hour, making the Mydoom/Novarg worm one of the hardest-hitting worms that we've seen," said John Masterson, VP of Modwest, a Web hosting and online services company.

Dig Deeper on Malware, virus, Trojan and spyware protection and removal

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.