MyDoom Not So Looming in Asia

Trend Micro attributes the lower rate of infection in Asia to the differences in how cultures use the Internet.

MANILA, The Philippines—The MyDoom virus that is causing system shutdowns for ISPs and enterprise systems in the United States is also affecting Europe and Asia, although the damage in Asia is not as bad.

Data from anti-viral software leader Trend Micro indicates that MyDoom has had less of an effect in Asia than on the other major continents enterprise and ISP systems. "As of 5 p.m. on Thursday the current infection in Asia is about 5 percent of the user base," said Janz Yaneza, senior anti-virus consultant for Trend Micro. "While that is somewhat high, it is not nearly as prolific as the SoBig virus of February of last year."

Trend Micros Manila facility of 400 support and R&D engineers monitors the companys enterprise and ISP customers worldwide on a 24-by-7 basis. "In general, the rate of infection is running higher in the United States and Europe," said Yaneza. "For Asia, the rate of infection is not really that heavy."

Yaneza attributes the lower rate of infection in Asia to differences in how the different cultures use the Internet. "Americans are much more likely to open attachments," he said. "Asians just tend to ignore strange e-mail. Especially if the attachment has an .esc extension."

Of course not all Asians are so computer literate. "Its a mixed bunch of users here in Asia," Yaneza said. "A lot of viral protection is just a matter of a users level of computer education."

Trend monitors worldwide viral attacks at the ISP and enterprise level on an hourly basis as well as offers the same for virus protection services. "Our new service is called outbreak prevention policy," said Yaneza. "This is a constant new virus protection service that is updated every 60 minutes. Previously we were using a signature detection system but that has become somewhat passé."

At the corporate level, anti-virus detection and intervention is often handled by internal IS staff. For at least one major Asian electronics industry company, the negative impact of MyDoom also seems to be under control.

United Microelectronics Corp. of Taiwan is the worlds second largest contract manufacturer of integrated circuits. The chips the company produces are used in electronic devices that range from PCs to cell phones to consumer electronic devices. Like every large corporation in the world today, internal Internet communication at UMC has become a necessity. As a contract integrated circuit manufacturer, though, UMC has the added component that its production and marketing require sometimes-constant Internet communication between themselves and their customers. The contract integrated circuit production business deals in plate-shaped wafers that contain hundreds of integrated circuits and that can run into the thousands of dollars per unit. They are being ordered by the thousands and today regularly have millions of dollars in startup design, debug and setup costs. Certain anti-virus protection is a necessity.

"UMC employs a dedicated information security team to deal with all potential virus threats," said company sources. "That includes MyDoom and others. We are confident that our preventive efforts will keep our e-mail system running smoothly and do not anticipate any deleterious effects to us or our customers resulting from an e-mail virus attack on UMCs systems." As of 6 p.m. Thursday, UMC had not experienced any effects from MyDoom at either the internal level or with communication with its customers.

The rate of infection by MyDoom seems to be slowing down in Asia and worldwide in general, according to Yaneza. Also, the "B" derivative seems to have a glitch in its code, which makes it easier to defuse than the original "A" virus.

For virus protection in general, he said the current craze for HTML e-mail for the viewing of pictures and video is a major problem. "MyDoom, like many viruses, resides in attachments. HTML allows a virus to borrow script where it can be inserted. I recommend sticking to the traditional text format for anti-virus protection. And, of course, dont open up attached documents with an .esc extension no matter from whom it comes."