[ISN] CERT: Zotob, esbot not major attacks

From: InfoSec News (isn@private)
Date: Thu Aug 18 2005 - 00:08:46 PDT


http://www.fcw.com/article90073-08-17-05-Web

By Michael Arnone
Aug. 17, 2005 

The group of attacks that include the Zotob and esbot worms aren't
major cyberattacks, the U.S. Computer Emergency Response Team (CERT)  
said today.

"We're not in crisis mode at this time," said Jeff Havrilla, Internet
security analyst at CERT. "We're nowhere near the same scale of
activity" that occurred when the Blaster worm leveled computers
worldwide in 2003, he said.

Blaster affected hundreds of thousands of unique IP addresses,
Havrilla said, while the number of addresses affected by the group of
attacks including zotob and esbot has not yet reached 100,000.

The attacks prey on vulnerabilities in Microsoft's Windows 2000
operating system, Havrilla said. CERT published an alert Aug. 9 to
warn the public, but the intruder community created the worms before
many users could protect themselves, he said.

The attacks' effects on the federal government have not been large,
Havrilla said. He said he has heard media reports that the attacks
affected some computers on Capitol Hill, but CERT has not received any
reports of attacks.

News organizations were hit hard because they may not have understood
the risks of patching systems on their corporate networks, Havrilla
said. Now that they've been attacked, he said, they're spreading the
news.



_________________________________________
Attend ToorCon 
Sept 16-18th, 2005
Convention Center
San Diego, California
www.toorcon.org 



This archive was generated by hypermail 2.1.3 : Thu Aug 18 2005 - 00:38:26 PDT