"From an availability standpoint, Microsoft has been completely unaffected by Mydoom," he said. "I suspect that Microsoft has done a good job of defending its sites and servers."
The fact that Microsoft's site wasn't affected didn't take security analysts by surprise. By late last week, many of the security experts monitoring Mydoom.b were saying that the variant wouldn't drag down Microsoft's site.
Mydoom.b, and its precursor, Mydoom.a, both used infected machines to conduct DoS attacks against sites. The worms forced compromised systems to bombard the home pages of SCO and Microsoft in the hopes of overloading their servers and making the URLs inaccessible.
The reason Microsoft escaped SCO's fate, said Jimmy Kuo, a McAfee fellow at Network Associates, and the founder of that company's AVERT security team, comes from a combination of the small numbers of Mydoom.b-infected systems and a programming gaffe in the worm's code.
"By yesterday, the count of Mydoom.b samples submitted to us was only in the teens," said Kuo, "and for two days last week, we saw none. It's just not spreading."
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
