NEWS 'Today SCO, tomorrow Microsoft' - it's a phrase that could sum up the progress of the MyDoom virus. The Redmond software giant knows it is next in line for some personal attention from the worm that launched a highly effective denial of service attack on the SCO website over the weekend.
The virus was launched last week with instructions to trigger a coordinated attack against the SCO website using an army of infected computers. A second iteration of the virus then arrived in users' inboxes with similar instructions, though this time with Microsoft singled out as the target.
When the US giant wakes up on 3 February the attack will be under way.
However, Paul Wood, principle information security analyst at MessageLabs, believes Microsoft will get off far more lightly than SCO.
"At the moment we are still considering MyDoom.B to be a low risk virus. I'd be very surprised if Microsoft suffers in the same way SCO has."
However, Wood added that "there is almost certainly a rubbernecking effect with any attack such as this, whereby so many people visit the site to see whether it is down that that in itself can effectively create a denial of service attack coupled with the traffic created by the virus."
SCO has attracted widespread anger from the Linux community in recent months due to its ongoing legal action and Microsoft has never been a favourite with the pro-penguin lobby - leading many to assume a link between the virus and a small group, or lone individual, with an open-source axe to grind.
This kind of threat is not new to Microsoft. In August last year the company had to fend off the MSBlast worm, which targeted the Windowsupdate.com site. In that instance the company just removed the site - figuring out that no target equates to no attack.
But that defence may not be so easy where its flagship Microsoft.com site is concerned - though if all else fails the techies at Microsoft may still consider taking it down by their own volition preferable to having it taken down for them.
The company is remaining tight-lipped on how it will defend itself against the attack, for fear of sharing its best defence with its attackers. A company spokeswoman told silicon.com it intends to ensure the availability of all Microsoft's online properties throughout any distributed denial of service attack which may occur.
Whatever happens, MessageLabs' Wood reckons "it's going to be an interesting few days".
Watch this space... or more to the point, watch this space.
Comments
There are 4 comments. Join the discussion
1. Mark Leman
It would be a good advert for Internet Information Services, if they keep the site running.
I Believe sco's is still down they must be running something else.
2. Lawrence Wright
SSCO actually took their own site down, removing www.sco.com from the DNS in order to avoid the DDoS.
Visit www.groklaw.net for coverage!
Ironically Microsoft's way of avoiding previous DDoS attacks has been to farm www.microsoft.com out to Akamai, who use Linux for serving content....
3. Mark Leman
interesting web site,
it does however say in a press release from sco that there site was taken down, on saturday night during a DDos attack, and they moved it on monday.
All im saying is, if microsoft appear fine through there attack, its better press for them and there products than sco and linux.
4. Mark Leman
Interesting website.
It does however say in a press release from sco that there site was taken down, on Saturday night during a DDos attack, and they moved it on Monday.
All I'm saying is, if Microsoft appear fine through their attack, its better press for them and there products than SCO and Linux.