Sometimes in a large organization that has offices all over the world and only a small IT security staff, it takes a significant event to reveal security failures in remote offices. This is exactly what happened this week. Until now, it has been fairly peaceful around the office. Other than the regular projects and ongoing issues, there haven't been any fires to put out. But this week, a new wormlike virus took us by surprise.

Normally the IT desktop department handles viruses, but this one involved so many people and so many man-hours that my group ended up getting involved. The worm, Bat.Mumu.A.Worm, or Mumu for short, hasn't taken the spotlight in the same manner as worms such as Melissa or Code Red, but our IT staff had to spend hundreds of man-hours dealing with it. We were taken by surprise because we were focusing on taking preventive measures to avoid being hit with three other viruses: SoBig, Bugbear and Lovgate.

We decided that these viruses had caused enough problems for other organizations that we wanted to be proactive. We spent so much time doing discovery work on what signatures to watch, and looking for updated virus definition files and getting them out to the workforce that we never saw Mumu coming until it had spread.

[ Read more ]

Comment:

For in-depth information on computer viruses, visit the Viruses section of HNS.