When I read the name “Storm Worm” my thoughts run to Dune, but the news out of Europe doesn’t have a noble component. The malware writers have become more aggressive and more timely with a worm that’s hit hundreds of thousands of users in the last 24 hours.

The Storm Worm hit European users on the heels of a severe winter storm. Attached to an e-mail message with the subject “230 Dead as Storm Batters Europe”, the worm will turn an infected computer into a zombie on a botnet, or allow personal data to be storlen from the system. Time worked to the advantage of most North American computer users–many system administrators had placed the subject and payload into blocking filters by the time the Atlantic Seaboard hit office hours.

What’s the takeaway? This worm, like so many others, relied on social engineering, rather than a flaw in the operating system or application, to compromise a computer. Anti-malware software can help, but computer security begins with understanding how the bad guys will try to use a weakness in front of the keyboard to gain access to a computer. Don’t open attachments or click on links in an e-mail message if you aren’t absolutely certain about the orginator. Pick up the phone to call and verify if you need to–your computer, and those of many other users, will thank you for the effort.

Categories: Security, Threats