Update: Police in the Netherlands arrested today the man who claimed to have authored the Onthefly worm, also known as the Anna Kournikova virus.
The 20-year-old man, whose identity is protected under Dutch privacy laws, turned himself in to police in the northern town of Sneek after allegedly posting a letter on the Web Tuesday claiming he created the virus. He was detained on suspicion of damaging computer programs and property but has been released pending an appearance in court.
The Netherlands adopted legislation on online crime in 1999. Under the law, the man faces up to four years in prison.
“Anna” was still hitting some servers as late as yesterday. However, If on Monday the virus had an advantage over many companies, yesterday’s score was closer to love-40.
One Seattle area company, for example, that was quite prepared to face the virus for a tough match is NetUpdate, a Bellevue-based provider of online transaction management systems. According to NetUpdate IS Manager Jim Gibbs, his company was hit a total of 64 times in the last 24 hours. However, the threat was eliminated by the the company’s anti-virus software, as well as an informed staff.
NetUpdate currently uses two different types of viral scanning software packages. One is for the mail server which is Trend Micro’s Scan Mail. The other is also by Trend Micro called Office Scan, which is used on most of the internal workstations.
According to Gibbs, his team gets the latest viral software patch from their vendor on a daily basis.
They also make daily backups of all servers on their network. “If we ever need to use the
backups we know that our users will only be out of commission for roughly 30 minutes. We believe that a strong daily backup is the best defense to a virus attack.”
So what advice would Gibbs give to other Internet companies. “I believe the best security policy is a strong verbal communication with the users in your company”.
Gibbs advises employees daily on the correct practices when receiving an e-mail attachment and also forbids the opening of any file, no matter who the sender, with a .VBS
ending.
“We realize there are more, but this seems to be the main attacker in the
last year or so”.