Is the Storm worm virus still a serious threat?

Ask the Expert

It seems that variants of the Storm worm are still a significant threat. Do you agree, and what should be done by the industry and individual organizations to stop variants of the Storm worm?

Storm is one of those lingering worms that frequently gets tweaked and gains new functionalities. Originally unleashed in January 2007, this worm spreads primarily as an executable email attachment. This malware has infected over one hundred thousand machines. It gets its name from the title of the original email, "230 dead as storm batters Europe," which referred to a vicious winter storm that hit Europe in January as the worm was launched. The email exhorts users to click on the attachment to learn more about the big storm. When run, the attachment installs a bot on the victim's computer, which gives the attacker remote control over that machine -- a pretty straightforward attack that is certainly very common today. After all this time, too many users run executable email attachments.

Even when the original Storm worm was quickly added to antivirus filters, the attacker began to change it. Major new variations were released in February and April 2007, with subtle tweaks still going on today, such as putting the .exe attachment inside a password-protected ZIP file (with the password included in the body of the email). Despite these run-of-the-mill tactics, attackers are still using them to successfully build even bigger botnets.

How can we deal with this? I believe that we need major educational awareness campaigns, not just for corporations and government agencies, but for the public, telling folks to keep their systems patched and to not run .exe email attachments. Corporate security awareness initiatives often get pooh-poohed as ineffective, but what is really needed is a national effort to educate the public, possibly like the McGruff campaign from the National Crime Prevention Council. During a time when crime usually involved physical theft, the campaign emphasized the importance of locking doors and reporting suspicious activity. Today, a good deal of crime is computer-based, and we as an industry need to educate the public accordingly.

This was first published in July 2007.
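
Both delivery forms described in the answer above (a bare .exe attachment, and an .exe inside a password-protected ZIP) can be flagged at the mail gateway, because standard ZIP encryption hides file contents but leaves member names readable in the archive's central directory. The following is an added example, not part of the original answer; the extension list, function names, file names and sample messages are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: extensions treated as executable; adjust to local policy.
RISKY_EXT = (".exe", ".scr", ".pif", ".com")

def scan_message(raw: bytes) -> list[tuple[str, str]]:
    """Return (finding, name) pairs for risky attachments in one message."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(RISKY_EXT):
            findings.append(("exe-attachment", name))
        elif zipfile.is_zipfile(io.BytesIO(data)):  # sniff content, not the name
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():  # central directory only, no password
                    inner = info.filename.lower()
                    if inner.endswith(RISKY_EXT):
                        enc = info.flag_bits & 0x1  # bit 0 = member is encrypted
                        kind = "encrypted-zip-exe" if enc else "zip-exe"
                        findings.append((kind, inner))
    return findings

def make_zip(member: str, mark_encrypted: bool) -> bytes:
    """Constructed sample: inert bytes; the encrypted flag is set by hand."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(member, b"inert placeholder bytes")
    data = bytearray(buf.getvalue())
    if mark_encrypted:
        i = data.find(b"PK\x01\x02")  # central directory file header
        data[i + 8] |= 0x01           # general-purpose flags, low byte
    return bytes(data)

def sample_message(attachment: bytes, filename: str) -> bytes:
    """Constructed test e-mail carrying one attachment."""
    m = EmailMessage()
    m["Subject"] = "constructed test message"
    m.set_content("The password for the attachment is 1234")
    m.add_attachment(attachment, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(scan_message(sample_message(make_zip("ecard.exe", True), "ecard.zip")))
```

A gateway can quarantine on the `encrypted-zip-exe` finding without ever needing the password that the message body supplies to the recipient.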