Financial Daily from THE HINDU group of publications
Saturday, Aug 23, 2003
Info-Tech - Viruses
Sobig, so potent, say affected corporates
Bangalore , Aug. 22
AS the world's most rapidly spreading virus to date, with millions of copies in existence since its appearance earlier this week, Worm_SobigF, has infected Indian corporates and together with the MS Blaster, has caused confusion, downtime and losses for many. Be they frontline IT services companies or public sector banks, shopping portals or FMCG enterprises, the viruses have infected all.
Business Line, no stranger to Sobig itself, surveyed the security landscape, to find that Indian companies, like their counterparts elsewhere, are aware of the threats to network security and possible losses from such malware... but most make only half-hearted efforts to secure their networks, or put in place security patches during the initial high-vulnerability period.
While firewalls and intrusion detections at many companies were able to ward off SobigF, the email-borne pest since its first appearance earlier this week, many fell prey to the more insidious MS Blaster that spread through the Internet.
``At Wipro, over 600 people were unable to access any application for 4-5 hours as the access channels were blocked in an attempt to ward off the threat, said Pazhamalai Jayaraman, Information Security Manager.
Certainly, there was downtime but with over 15,000 employees, the malware was contained fast.'' Intranet backbone applications and employee self service portal applications were down, he said, adding that customers were not much affected. This, despite Wipro employing firewalls, intrusion detection systems, virus screening at gateways and anti-virus software on all desktops.
According to Internet security company, Symantec, it upgraded the threat to of SobigF to Level 4 (with 5 being the highest) in anticipation of the payload being triggered today. ``While MS Blaster and Welchia primarily impacted large enterprises, SobigF is predominately affecting consumers and small businesses,'' said Mr Joy Ghosh, Country Manager, Symantec India.
``Computer users should use security best practices and not open attachments unless they are expecting them.'' Symantec Security Response is receiving approximately 1,800 submissions per day, according to the company. The worm has a payload which outlines that it must be a Friday or Sunday between the hours of 7-10 pm when the virus-writer can download files - including passwords, set up spam relay servers on infected computers and send out information to an undefined address
According to Mr K. Vaitheeswaran, Vice-President -Marketing, FabMart, the MS Blaster virus has impacted its systems, though not its portal with about 200 people on its network, FabMart says the nuisance value, downtime and loss of productivity has been considerable. In fact, with hard disks of some PCs crashing, information loss, retrieval and storage issues have come to the fore and taken up time and effort, he said.
SobigF has overtaken previous frontrunners such as the LoveBug, Klez and Kournikova viruses. This is the sixth version in the Sobig series and the expiry date indicates that the originator is planning an even more potent and sophisticated worm in later version, according to analysts. At the rate at which it is spreading (with virus:email ratio being 1:17, according to one report), Sobig is expected to remain a serious threat to networks, say security experts.
Public sector banks too were affected by both potent viruses, though it was not the ATM network that was affected, said one fatigued IT department head. Several systems crashed and we are yet to retrieve information from some hard disks he said, adding that about 50 employees in a couple of departments faced such difficulties each day for a week.
According to a 600-people IT services firm in Bangalore which was affected by the MS Blaster and the Welchia but not the SobigF, there was no impact on application severs but several PCs in different departments kept crashing every day for 4-5 days while the security patches needed to be put on, according to an executive. The Femont too affected some companies but has been contained. The impact of the SobigF is continuing to be felt across enterprises in India, said security experts.
Stories in this Section
The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription
Group Sites: The Hindu | Business Line | The Sportstar | Frontline | The Hindu eBooks | Home |
Copyright © 2003, The
Hindu Business Line. Republication or redissemination of the contents of
this screen are expressly prohibited without the written consent of
The Hindu Business Line