The Nimda worm is the latest example of how the Old World strategy of “one threat, one
cure” has become outdated. The purpose of this paper is to explore the nature of blended threats
using the Nimda and CodeRed worms as examples of these new dangers. Both of these worms
have shown that today’s adversaries are employing new combinations of offenses against IT
infrastructures. They also graphically point out that mere single point solutions will no longer be
adequate to address them. It is now necessary to protect all parts of the network and to respond on
the Gateway, Server, and Client levels. Subsequent to analyzing the threat we will explain the need for
a comprehensive response to these threats and show how Symantec has maintained its position as
the world’s leading Internet Security company by providing our customers with a broad array of
products and complementary services that address today’s and tomorrow’s threats.
Nimda is a worm. What makes it different from other Internet worms is that it requires no human
interaction to spread, instead using known software vulnerabilities and multiple vectors of infection.
The nature of a worm’s propagation and the speed with which it is able to infect victims is a hallmark
of its prevalence. Nimda, also known as W32.Nimda.A@mm, W32/Nimda@mm, PE_NIMDA.A,
I-Worm.Nimda, W32/Nimda-A, and W32.Nimda.A, was discovered on September 18, 2001.
Computer Economics (Carlsbad, CA) estimates that Nimda infected over 2.2 million servers and PCs
in a 24-hour period, between 2:30 PM EDT on September 20 and 2:30 PM, September 21. The firm
notes that 65% (1.43 million) of the worm’s targets during its initial attack were servers and the
remaining 35% (770,000) were PCs. Computer Economics estimates the economic costs of downtime
and subsequent clean-up for Nimda at $531 million (as of September 19, 2001).
As of August 31, 2001, Computer Economics projects virus- and worm- attack costs of $10.7 billion.
Did you find this white paper useful?
20 out of 47 users found this white paper useful
Related white papers
Securing SMBs Against Spam and Virus Threats
This white paper from St. Bernard Software explains why spam and viruses are particularly tough to eliminate in small- and medium-sized businesses (SMBs) that can't dedicate IT staff to combating...
Trojan Defence: A Forensic View
The Trojan defence; “I didn’t do it, someone else did”– myth or reality? This two part article investigates the fascinating area of Trojan & network forensics and puts forward...
Gene Kim Presents "Surviving and Benefiting from an Audit" with Craig Morgan, Partner KPMG
An audit is a necessary and often painful event for many companies. As difficult as it is to imagine, it is possible to benefit from an audit. By understanding the...
The Real Cost of Spam
Unsolicited Commercial E-mail, or spam, is not just an annoying problem. It's a costly one. This paper examines the different cost impacts, both direct and indirect, that spam has on...
Learn the Newest Way to Secure Your Windows® Environment
Learn how to improve the security of your Microsoft® Windows® Environment! Shoring up network resources from both internal and external attacks is a priority of most IT organizations. Together new...
Sophos Email Security and Control - Free 30 Day Trial
Proactively block inbound and outbound threats with unrivaled effectiveness and simplicity, delivering high-capacity, high-availability gateway and groupware security.
Request your Free Trial Now!
Design Guide for F-Secure Anti-Virus
This Cisco Security Design Guide describes F-Secure Anti-Virus for Internet E-Mail (FSAVIM) version 5.0, the latest anti-virus gateway solution from F-Secure. This product is designed to cooperate with the Cisco...
