Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mydoom Shows Vulnerability Of The Web

Mydoom's success at forcing software company SCO Group Inc. to take down its Web site, despite knowing days in advance that the virus would launch a denial of service attack over the weekend, demonstrates that no company is safe from such large-scale assaults.
An army of infected computers estimated at between 25,000 and 50,000 machines began bombarding the SCO web server with requests for its homepage Saturday evening. By midnight EST, the bogus traffic made the site inaccessible despite efforts by the company's technical staff to fend off the attack, which experts say was the largest of its kind ever.

An hour later, SCO removed the site from the Internet's global directory, and later advised customers and business partners that its address had been changed from www.sco.com to www.thescogroup.com. The attack on the original site was set to continue until Feb. 12.

The success of the assault demonstrates that any company's web site is vulnerable to viruses capable of turning infected machines into zombies ready to perform the bidding of the malicious code's author.

"We have never seen an attack on this scale from a virus, because we've never seen a virus infect so many machines," Craig Schmugar, virus research manager at anti-virus software maker Network Associates Technology Inc., said Monday. "For any business out there, including some very large web sites, if enough machines are attacking, it's going to have an ill effect."

Options companies have in fending off a denial of service attack include increasing bandwidth to handle the spike in traffic, experts say. However, that option is expensive and may not be feasible for many companies.

  • 1