Storm worm warning - a postscript from Spamhaus

Hard on the heels of my Saturday report about the resurgence of the Storm worm, Spamhaus - the not-for-profit anti-spam organisation - has issued a release about the malware.

As I said on Saturday, Storm is unusual in being a worm, virus and bot-trigger, all rolled into one.

According to Richard Cox, Spamhaus' chief information officer, the extra danger with the reworked version of Storm is that it has arrived at a time when there are lots of newbie computer users coming online.

"In most cases of malware the Internet industry contacts the source and, again, in most cases, the problem site is shut down quickly," he said.

With the Storm worm, however, he says, the Russian Information Centre, which controls the servers that the malware relies upon, is not answering the phone, or responding to emails.

The problem, he says, is that the Russians are not going to be back at their desks until January 9th, by which time, of course, many users' PCs will have been infected

Richard tells me that he and his colleagues at Spamhaus have made direct appeals to the FSB (the Russian State Police) and to the Russian Ambassador in London, with a request for their intervention to mitigate the problem.

"We've also attempted to contact the UK's Serious and Organised Crime Agency (SOCA), but have so far been unable to get any form of response," he said.

According to Richard, it's unfortunate that a lot of the Internet malware of this type can be traced back to Russian and Ukraine-based networks.

"This issue should have been tackled through inter-governmental channels," he said, adding that at a recent meeting to discuss Internet governance issues in London, it was made clear to UK government peeps about the need to tackle Internet security issues as a matter of urgency.

Mind you, we are dealing Gordy Brown's government now. Don't you sometimes wish you could have Tony Blair back?