Mydoom's success at forcing software company SCO Group Inc. to take down its Web site, despite knowing days in advance that the virus would launch a denial of service attack over the weekend, demonstrates that no company is safe from such large-scale assaults.
An army of infected computers estimated at between 25,000 and 50,000 machines began bombarding the SCO web server with requests for its homepage Saturday evening. By midnight EST, the bogus traffic made the site inaccessible despite efforts by the company's technical staff to fend off the attack, which experts say was the largest of its kind ever.
An hour later, SCO removed the site from the Internet's global directory, and later advised customers and business partners that its address had been changed from www.sco.com to www.thescogroup.com. The attack on the original site was set to continue until Feb. 12.
The success of the assault demonstrates that any company's web site is vulnerable to viruses capable of turning infected machines into zombies ready to perform the bidding of the malicious code's author.
"We have never seen an attack on this scale from a virus, because we've never seen a virus infect so many machines," Craig Schmugar, virus research manager at anti-virus software maker Network Associates Technology Inc., said Monday. "For any business out there, including some very large web sites, if enough machines are attacking, it's going to have an ill effect."
Options companies have in fending off a denial of service attack include increasing bandwidth to handle the spike in traffic, experts say. However, that option is expensive and may not be feasible for many companies.