Big Canadian firms thwart Mydoom

Already labelled as the one of the most damaging worms ever, the Mydoom malicious code is proving to be a boon for hackers and spammers, but of little consequence to those Canadian companies that took security up a notch after last year’s spate of worms.

The Bank of Montreal, a company that was already replete with security technology, has “incorporated the lessons learned last year,” said Robert Garigue, BMO’s Toronto-based chief information security officer. “There has been a transformation.”

Last year’s Slammer and Blaster worms, referred to as a “shot over the bow” by Symantec Canada’s general manager Michael Murphy, were a painful lesson that convinced many companies to pay more attention to security.

BMO is doing a better job of patch management, monitoring the currency of its applications, operating systems and antivirus management. The resultant system “is a series of rings to ensure as much defense as possible,” Garigue said. Mydoom was “filtered off at the gateway,” he added, though BMO security experts did see indications of it arriving. Since BMO quarantines all e-mail attachments (it sends recipients a notice that they can retrieve the attachment if needed), Mydoom was ineffectual. Even if an infected laptop had made it through, internal systems would have picked up on the abnormal behavior of Mydoom trying to e-mail itself out. “We have agents that look for that kind of activity,” said Garigue.

He added that, unlike last year, this time around he and his counterparts at other Canadian financial institutions seem to have been unaffected. A spokesperson for the Royal Bank concurred, saying it was not affected by Mydoom.

Simon Tang, senior manager, security services with Deloitte in Toronto, said the small business and consumer markets were hardest hit since neither possess the multi-tiered defense systems that larger corporations have in place. Having said that, he agrees with the prognosis that it is one of the worst worms seen in recent years. “It is definitely spreading at a very fast pace, faster than Blaster,” he said.

Kevin Krempulec, the Toronto-based Canadian channel manager for Symantec Corp., said that the firm’s statistics back up this conclusion. Of the 246 Mydoom submissions it received from Canadian customers, only 10 were from corporate clients.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now