Combating Worms Outbreaks: Malaysia Experience
Many computer security programs and standard operating procedures for handling computer incidents are neither effective nor efficient, especially when dealing with new and less understood classes of computer threats. Based on Malaysia Computer Emergency Response Center (MyCERT) testing and observations on reports received from users, the eradication period for Code Red and Nimda was 3 months, for Nachi and Sobig.F 2 months, and for Blaster 2 weeks. Why did it take 3 months, 2 months or 2 weeks to eradicate these worms? Can the eradication period be shortened? More organizations are spending endless hours repeating processes that fail to completely eradicate a worm from the network, because of uncoordinated efforts within the organization and inefficient ways of handling worm or virus incidents. This paper compiles MyCERT's experiences in combating worm outbreaks. The comparative study in this paper is based on MyCERT testing and observations on reports received from users. The paper also explains the five different worms, which caused greatly detrimental impacts to Internet users worldwide. A few related issues are also discussed, together with recommended guidelines, to give a better understanding of the worms and how to deal with them.
Keywords: Worms, Outbreak, Security breach, Education, Security threats
Madihah Mohd Saudi
National ICT Security and Emergency Response Center (NISER)