Endpoint Protection

  • 1.  Question on Symantec ThreatCon Level - Have we ever hit Level 3 or Level 4 before?

    Posted Nov 10, 2009 04:19 AM

    Every day, I'm looking at the Symantec ThreatCon level. It is always between level 1 and level 2.

    Can anyone here tell me whether Symantec has escalated their ThreatCon to Level 3 or even Level 4 before?

    If so, when was the last time it happened, and what was the cause of it?



     



  • 2.  RE: Question on Symantec ThreatCon Level - Have we ever hit Level 3 or Level 4 before?
    Best Answer

    Posted Nov 10, 2009 04:28 AM
    The level 4 warning has never been issued; the last time level 3 was reached was back in 2004 because of the Sasser worm.

    However, during product testing, a false alarm of 4 was raised in September 2007.

    http://en.wikipedia.org/wiki/Sasser_(computer_worm)


  • 3.  RE: Question on Symantec ThreatCon Level - Have we ever hit Level 3 or Level 4 before?

    Posted Nov 10, 2009 08:11 AM
    What did Code Red generate? I lived through that one while at Principal.
    I also spent many hours on "love bug" as the press loved to call it. (what turkeys most press-types are, no real computer pros ever write their articles)
    I don't recall the status back then, but definitely a 3 during one of the 2 or 3 long nights I spent dealing with those things and others.
    I was there until late 2002, and know there were some whoppers in those days!


  • 4.  RE: Question on Symantec ThreatCon Level - Have we ever hit Level 3 or Level 4 before?

    Posted Nov 10, 2009 08:16 AM
    Code Red was also a 3. That was a loooooooong time ago. Fortunately, we haven't seen a 3 in a while.


  • 5.  RE: Question on Symantec ThreatCon Level - Have we ever hit Level 3 or Level 4 before?

    Trusted Advisor
    Posted Nov 10, 2009 08:19 AM

    Here is the list of the most insidious malware threats that have surfaced in the past 20 years.

    The following threats have been selected for the notoriety they achieved through widespread epidemic and the damage caused:

    Friday 13 or Jerusalem
    Created in Israel in 1988 and first reported in Jerusalem, this supposedly commemorated the 40th anniversary of Israel. Whenever the date was Friday 13, it would delete all programs run on an infected computer.

    Barrotes
    The first well-known Spanish virus appeared in 1993. Once on the computer, it would remain hidden until January 5, when it would activate displaying just a series of bars on the monitor.

    Cascade or Falling Letters
    Created in Germany in 1997, this virus would make the letters on the screen fall in a cascade whenever it infected a computer.

    CIH or Chernobyl
    This virus was produced in Taiwan in 1998, and took just one week to propagate and infect thousands of computers.

    Melissa
    First appeared on March 26, 1999 in the USA. This ultra-smart malicious code used social engineering to spread, with a message that read "Here is that document you asked for. . . don't show anyone else ;-)"

    ILoveYou or Loveletter
    So famous, it hardly needs introduction. This romantic virus emerged from the Philippines in 2000. With the subject 'ILoveYou' it infected millions of computers around the world and even hit organizations like the Pentagon.

    Klez
    Created in 2001 in Germany, it only infected computers on the 13th of odd months.

    Nimda
    The name is basically 'admin' spelled backwards, as it was able to create administrator privileges on infected computers. It originated in China on September 18, 2001.

    SQLSlammer
    This was another major headache for companies. It first appeared on January 25, 2003, and affected more than half a million servers in just a few days.

    Blaster
    This virus, created in the USA on August 11, 2003, contained a message in its code: "I just want to say love you, San!!" (We still don't know who 'San' is), and "Billy gates, why do you make this possible? Stop making money and fix your software".

    Sobig
    This German virus was famous in the summer of 2003. The F variant was the most damaging; it attacked on August 19 of the same year and generated more than 1 million copies of itself.

    Bagle
    This emerged on January 18, 2004, and has been one of the most prolific viruses with respect to the number of variants.

    Netsky
    This worm also came from Germany in 2004 and exploited vulnerabilities in Internet Explorer. Its creator was also responsible for the notorious Sasser virus.

    Conficker
    Last on the list and most recent, it appeared in November 2008. Oddly enough, if your keyboard is configured in Ukrainian, it won't affect you...



     



  • 6.  RE: Question on Symantec ThreatCon Level - Have we ever hit Level 3 or Level 4 before?

    Posted Nov 10, 2009 09:30 AM

    I'm beginning to love this thread! Thanks - and don't forget BRAIN............. 1987, I think the first or one of the first.
    And one of the most prolific boot viruses, FORM, with (insert nasty word) to corrin or similar message, probably a jilted boyfriend wrote that one from the message hidden in the code.

    CIH - man, generated a lot of myths and wives' tales of all these infected BIOSes, when in reality, ONLY certain BIOS from a certain BIOS maker in Korea could be impacted! Its impact was thus limited, but suddenly we got dozens of calls from folks really thoroughly convinced that their BIOS was now totally infected with a virus and it was spreading fast.
    Too many "viruses" were more FICTION than fact back then. Rumors of monitors, video cards and modems totally BLOWN TO BITS by the latest virus. Then come along the SPOOFs, or chain letters warning of the next "big one" that CNN and Microsoft were warning there was no known protection from. Yeah, right, give me a break.

    I recall when loveletter hit us - we broke the code before most others did and found protection and prevention for it, but not before it did a lot of damage. Further, when we were able to show how it got in and who opened it first (a company OFFICER!!) she so thoroughly denied it, that it became a politically hot issue in the company and IT was told "drop it, she said she didn't so she didn't".

    IF my floppies from the 90's are any good, I've got a box of several disks infected with various viruses - several boot viruses, several EXE/COM infectors. I bet those floppies are shot from sitting around, but it was quite a collection I had. Some were rather obscure, from the former Soviet Union as our folks traveled a lot over there and brought back infections that only a Russian AV product could detect and remove! Seriously!

    And then there were the years that a certain fellow associated with a certain AV product (not Symantec!!) became the big "crier of wolf" warning us of impending doom each March (can you figure that one out?), or each time the "next big one" was to hit. We all got to the point we laughed and mocked these warnings of doom for all.