"With less than 10,000 machines infected [by Mydoom.b], there are fewer than 1,000 computers attacking Microsoft.com at the same time," said Kuo. "In other words, there are more people going to the site to download the latest IE update than there are machines attacking."
The bug is yet another clue that the two worms were written by the same hacker, said Kuo. "We've always thought that one person wrote both," he said. "Each variant was signed for purposes for code backup; both included the name 'andy.'"
Microsoft would not go into details on what steps it had taken to deflect the Mydoom.b DoS attack, but "Microsoft's Web properties remain fully available to customers," a spokesperson said.
"While we are unable to discuss the specific remedies we took to prevent the DoS attack, we did make it a priority to ensure that sites, such as Windows Update, remained fully available," she said.
Besides running DoS attacks, Mydoom.b blocked access to a slew of anti-virus, security, and update sites, including Windows Update and Office Update. On Tuesday, Microsoft launched an alternate site that contains links to work-arounds users can apply to reach these blocked URLs.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
