British IT managers are girding their loins in the face of an attack from the latest Windows-based worm, known as Mydoom or Novarg.
According to a UK spokeswoman for antivirus company Symantec the threat clocks up a four on the danger scale - five is as bad as it gets and has never been recorded.
The worm currnetly pounding UK servers doesn't try to exploit a known hole in the Windows operating system, preferring to use the old-fashioned approach of requiring a user to click on the attachment to trigger its payload. If the victim has a copy of the Kazaa file-sharing application installed, it will also drop several files in the shared files folder in an attempt to spread that way.
Apparently a large number of users are doing this as the virus is being rated as a highly infectious beast by the major antivirus vendors, including Symantec and Network Associates. The worm attacks Windows 95, 98, Me, NT, 2000 and XP. According to a spokesman for
Allan Bell, marketing director for Network Associates Asia-Pacific, says the biggest impact of the worm is increased traffic in outbound email queues.
"It's a mass mailer, like most of the recent viruses we've seen, and this one tries to generate its own e-mail addresses. That's leading to a lot of errors which will, we fear, clog up outbound email queues as they retry several times over."
Bell likens the impact potential to the SoBig virus, which took several months to bring under control, leading to a slow down in email delivery.
"It opens TCP port 3127 which suggests it's trying to remote access the user's PC in some way."
Bell says virus outbreaks are a security risk that can be learned from. While anti-virus software is vital, deploying desktop firewalls is also important.
"That way you can limit the applications that access the internet and that will mean even if you are infected it won't spread." Bell says users should ensure unused ports are blocked as well.