A variant of the computer virus that knocked SCO Group's Web site off the Internet earlier this week had no effect on Microsoft's Web site yesterday, causing security experts to describe the virus, MyDoom.B, as "poorly written." Analysts were concerned that the MyDoom variant would flood the Internet's DNSs with requests for Microsoft's Web site, making the site unavailable to users. But unlike the earlier attack on SCO's Web site, the Distributed Denial of Service (DDoS) attack on Microsoft's Web site never really got off the ground.
"It seems like the attack was poorly coded and a complete failure," Jack Sebbag, Canadian general manager and vice president of Network Associates, said. "It had less than 4000 or 5000 PCs trying to attack the Web site. It's basically become an absolute nonissue for Microsoft." By comparison, the original version of MyDoom infected millions of PCs and was able to use hundreds of thousands of them as zombies to attack the SCO Web site. Meanwhile, Microsoft had taken steps to prevent the MyDoom.B attack from succeeding, although for security reasons the company is remaining tight-lipped about what it did to prevent a disruption. "While we are unable to discuss the specific remedies we took to prevent the DDoS attack, we did make it a priority to ensure that Microsoft Web sites, such as Windows Update, remained fully available to our customers," a Microsoft spokesperson said late yesterday.
With MyDoom.B activity dwindling, security experts are already looking to the next attack, which will likely be another variant of what's already described as the worst email virus attack ever perpetrated. "There may be a MyDoom.C or MyDoom.D," Sebbag warned, if only because the perceived success of MyDoom will likely inspire malicious attackers to launch similar assaults on firms they don't like. The creators of MyDoom clearly attacked SCO because it is involved in a high-profile and high-stakes battle with Linux backers such as IBM and Novell. Microsoft--well, Microsoft is Microsoft. Who's next?