Netsky, Bagle Worm Variants Wave Hits; Stretches Security: Page 2 of 4

The eight new worms since Friday all deliver their payloads masked as file attachments to e-mail messages, although their subject headings, message text, and file attachment names and types differ. All, said Gullotto, include a backdoor component that opens up infected machines to further exploitation or attack, and spread by hijacking e-mail addresses from the infected system and using their own SMTP engine to spawn more copies.

Some have been marked as more serious threats than others by various security firms. Symantec, for instance, tagged Bagle.c, Bagle.f, and Bagle.g with a "2" on its 1 through 5 scale, but marked Bagle.e as a "3." (Symantec uses a slightly different nomenclature for the worm, calling it Beagle rather than Bagle.) Network Associates, however, stuck its "Medium" label on Bagle.c, Bagle.c., and Netsky.d, but gave the others a ranking of only "Low."

"The differences are all due to prevalence," said Gullotto in explaining the varying alert levels.

Netsky.d, discovered Monday, seems to be among the fastest spreading of the new wave of worms. According to Finnish security firm F-Secure, Netsky.d is accounting for over 43 percent of all virus samples. Sophos, another security firm, noted Monday that Bagle.c is especially prevalent.

Although not spreading as quickly, Bagle.f and Bagle.g are particularly cunning, according to Sophos. Their payloads are tucked within password-protected ZIP files, which means that most virus scanning software can't detect the worm inside the archived file. The e-mail message, however, contains the password -- another trick the worm writers are using to get users to open the attachment.
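A mail-gateway check for the password-protected ZIP case described above, as an added example that is not part of the original article: it reads each attachment's ZIP directory for the "encrypted" flag and escalates when the message body also mentions a password. The function names, verdict labels and the password-hint pattern are assumptions made for illustration, and the sample message is constructed.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed heuristic: body text that mentions a password for the reader to use.
PASSWORD_HINT = re.compile(r"\bpass(word|wd)?\b", re.I)

def encrypted_members(data: bytes) -> list[str]:
    """Names of ZIP members whose general-purpose flag bit 0 (encrypted) is set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
    except zipfile.BadZipFile:
        return []

def triage(raw: bytes) -> str:
    """Return 'quarantine', 'unscannable' or 'pass' for one raw e-mail message."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    locked = False
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        # Sniff the magic bytes; do not trust the file name or MIME type.
        if payload.startswith(b"PK\x03\x04") and encrypted_members(payload):
            locked = True
    if not locked:
        return "pass"
    # The scanner cannot open the archive; a password in the body is the tell.
    return "quarantine" if PASSWORD_HINT.search(text) else "unscannable"

def sample_message(body: str, encrypt: bool) -> bytes:
    """Constructed input: a mail with a one-file ZIP, optionally flagged encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        info = zipfile.ZipInfo("readme.txt", (2004, 3, 1, 0, 0, 0))
        zf.writestr(info, "harmless constructed content")
    data = bytearray(buf.getvalue())
    if encrypt:
        cd = data.index(b"PK\x01\x02")  # central directory file header
        data[cd + 8] |= 0x01            # bit 0 of the general-purpose flags
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content(body)
    msg.add_attachment(bytes(data), maintype="application",
                       subtype="octet-stream", filename="doc.zip")
    return msg.as_bytes()
```

The "unscannable" verdict covers encrypted archives that arrive without a password in the text, which a gateway can hold for review rather than deliver unscanned.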