The Code Red virus may have garnered all the headlines this past
summer, but companies should also beware of the lower-profile Sircam worm.
Designed to attack vulnerabilities in Microsoft Outlook, the worm will
choose a file on local hard drives to infect and randomly send it off to
unsuspecting recipients. Sircam is insidious — it sends itself out
selectively and doesn't do massive damage — but it can destroy files and
slow performance.
The worm's greatest damage might be done on peer-to-peer networks.
Because client machines communicate without the intermediation of a
central server, Sircam can rapidly hop from machine to machine until the
entire network is completely infected. "It's not that a peer-to- peer
network is more vulnerable to a worm or a virus, but they certainly spread
a heck of a lot faster," says Mike Ellsworth, managing principal at
Stratvantage, a business-to-business consulting firm with expertise in
peer-to-peer networks.
The lack of central administration can make worms and viruses more
difficult to banish from corporate networks because an IT staffer can't
simply hit the "off" button on the file server, stopping file access and
transfer until the infection is localized and obliterated. "A number of
common virus controls, such as knowing who the sender is or having a
reasonable expectation that what you're downloading is safe, are often
absent from a peer-to-peer network," says Ellsworth. For example, in the
absence of file authentication, an employee viewing his or her
peer-to-peer interface might see that a colleague has the latest version
of a work proposal when it fact it is a virus disguising itself.
A debate rages as to whether antivirus software on desktop machines can
thwart Sircam, although vendors claim that a postinfection cure is
relatively easy. Nonetheless, a virus doesn't need to be glamorous to do
plenty of damage. This year 94 percent of companies said they had been hit
by computer viruses in the past 12 months.
.gif)
.gif)