[ISN] CERT: Zotob, esbot not major attacks

InfoSec News isn at c4i.org
Thu Aug 18 03:08:46 EDT 2005


By Michael Arnone
Aug. 17, 2005 

The group of attacks that include the Zotob and esbot worms aren't
major cyberattacks, the U.S. Computer Emergency Response Team (CERT)  
said today.

"We're not in crisis mode at this time," said Jeff Havrilla, Internet
security analyst at CERT. "We're nowhere near the same scale of
activity" that occurred when the Blaster worm leveled computers
worldwide in 2003, he said.

Blaster affected hundreds of thousands of unique IP addresses,
Havrilla said, while the number of addresses affected by the group of
attacks including zotob and esbot has not yet reached 100,000.

The attacks prey on vulnerabilities in Microsoft's Windows 2000
operating system, Havrilla said. CERT published an alert Aug. 9 to
warn the public, but the intruder community created the worms before
many users could protect themselves, he said.

The attacks' effects on the federal government have not been large,
Havrilla said. He said he has heard media reports that the attacks
affected some computers on Capitol Hill, but CERT has not received any
reports of attacks.

News organizations were hit hard because they may not have understood
the risks of patching systems on their corporate networks, Havrilla
said. Now that they've been attacked, he said, they're spreading the

More information about the ISN mailing list