As an outsource security partner BAI provides managed security, managed firewall, managed ids, content filtering, internet security, network security, penetration testing, and vulnerability testing.

In June BAI Security reported the possibility of a WORM that was poised to hit the Internet in a widespread attack.  Yesterday, July 26, 2007, a widespread attack has been unleashed again using a variant of the Storm worm for the third time since our original announcement.

This time around 142 million emails have been spammed out containing URLs leading to web pages infected with the malware.

The emails typically claim that an electronic card has been sent to the recipient and that it can be viewed at the enclosed URL.  Inform your user base to avoid electronic greeting cards from unknown users to avoid being a victim of this attack.

"It was just a matter of time before the hackers had enough websites hacked with the proper malware loaded to support a widespread attack.", said Michael Bruck of BAI Security.  "We've been waiting for this one for over a month now and we started seeing the attack on our Managed Security client sites via our event correlation within our AntiVirus/Spyware/Malware and email content management systems.  Our systems provided early warning and since we block such threats in real-time before they enter our clientele's network they were not directly affected."

This is the second attack this month using the same variant of malware.  The first attack occurred from 2 July to 9 July. It generated about 123 million messages, three times more than any attack in the past two years. But in the earlier attack the malware was sent out in an attachment, whereas this is a web only attack, which in many cases can fly below the radar of basic AntiVirus systems.

In general the sites hosting the malware have been generated by the malware writers, but a small number are hacked pages of legitimate companies.

Mr. Bruck is warning that companies need to take greater care of their own sites to avoid being a host for malware.  Many people simply don't realize the significance of not protecting their sites and allowing them to be hacked for hosting such malware.  Once this happens and other organizations are infected from malware on your site you are opening yourself to legal issues, as well as major publicity problems that can ruin a businesses reputation.

"Of the millions of hacked sites out there it is estimated that 99% are small and medium sized businesses or personal sites," he said.  "With the cost of our Managed Security Services within reach of even small firms that don't have the in-house staff to deal with these issues, this type of this situation could be avoided."

Many smaller organizations put their website up with static information and simply do not update it in any way.  This includes updates for security patches and fixes to the underlying operating system.  Even if these organizations choose to not update their website content they still need to pay attention to the security patches and administration for the server(s) themselves to ensure they are not vulnerable to hackers that will use these sites to mount attacks.