The Mydoom virus has infected only a few computers on campus, but continued vigilance is needed, as the threat continues. Email filters already in place removed most versions of the virus as soon as they appeared on Sunday, January 25. Infection was also slowed because many users were careful and did not open the .zip versions that did get through before they were filtered beginning in the afternoon of January 26 th .
However, Columbia email service was slow as infected systems outside Columbia generated huge volumes of email bounce messages aimed at Columbia . On Thursday, January 29, more than 280,000 virus-related messages were rejected, about 28-percent of all incoming mail.
According to AcIS, email users' caution helped slow the spread of the virus. But Vace Kundakci, deputy vice president of Academic Information Systems warns that this will not be the last such incident. "While email filters can reduce the impact of viruses," he said, "it is critical that email users practice safe computing. The next virus may spread even more quickly and do more damage." Because virus-laden messages appear to come from someone you know, he urges users not open an attachment unless they are "100-percent certain it is legitimate. If there is the slightest doubt, check with the sender." The Mydoom viruses also spread via the Kazaa file-sharing program, so this is another reason not to use these open, file-sharing programs.
The Mydoom virus is especially pernicious because it opens "backdoors" on an infected system that allow anyone on the Internet to access the computer. Backdoors allow a hacker to steal information -- credit card numbers, passwords, private files -- or to install software. The Mydoom virus is already being used to install spam servers that are used to send spam. "Much of the spam email users see is generated by personal computers broken into through system vulnerabilities and viruses," said Kundakci.
Some basic rules for staying safe on the network include:
More information on safe computing is available at:
Safe Computing Web site
AIS News, October 2003