MyDoom and MyDoom.B together accounted for 30% to 40% of e-mail traffic up until yesterday, leaving labouring mail servers in their wake and troubling Internet service providers (ISPs), corporate customers and dialup users alike.
But the consensus among Web watchers is that the worms` impact was not particularly harmful in infection terms. Of the infections, dialup users were the most affected. They warn, however, that small and medium enterprises (SMEs) are at risk from future infections.
ISPs take stock
Telkom dial-up customers were affected as the network experienced problems with mail delivery. "It was slower than normal due to a heavy load, mainly owing to the new worm," says Hans van de Groenendaal, Telkom senior specialist, corporate communications.
Geoff Rehmet, Internet Solutions (IS) senior consultant, new business development, says IS`s own servers have "definitely seen an increase in virus traffic", adding that on Thursday it accounted for perhaps a third of all traffic. IS servers were able to cope with the extra load, he says.
The impact on customers was not that perceptible, Rehmet adds. "Mainly the dialup customers were affected." Although IS blocks infected mails to both, companies generally have better security than home users.
Small company, big risk
Arthur Goldstuck, MD of World Wide Worx, a market research firm, says anti-virus updates among SMEs are inadequate. According to the company`s report, "Internet Access in SA 2004", one in five Internet-connected SMEs is at high risk from viruses.
"Just under half of all SMEs using the Internet are updating their anti-virus software on a daily basis," says Goldstuck. "Just under a third of the SMEs interviewed updated their anti-virus software on a weekly basis, placing them at medium risk; while 20% were either unaware of frequency or updated their protection only once a month or less, putting them in the high-risk category.
"Many SMEs are relying on the anti-virus protection supplied by their ISPs," says Goldstuck, "but it is still irresponsible not to have up-to-date protection on your own computer or network."
Don`t worry, but worry
Although infections were not the main problem of MyDoom so far, future developments may prove troublesome. The worm is coded to launch distributed denial-of-service attacks on SCO Group and Microsoft Web sites early next month, from infected computers.
Although by all accounts most infections were avoided, and the effects were mostly in terms of clogged-up networks, MyDoom will, once its shelf-life runs out on 12 February, turn its attention to infected PCs once more. Once infected, MyDoom opens a "back-door" to a computer that allows the worm writers remote access to an infected machine.
Rehmet says it remains to be seen how harmful this will be. "The positive outcome is that everyone will monitor their computers after this," he adds.
Related stories:
MyDoom just got worse
Bigger price on MyDoom author`s head
FBI, reward against MyDoom creators
Hi to MyDoom
Share
