July 28, 2004

MyDoom is Back, but DeepNines Doesn't Fear the Zero Day Attack

DALLAS, TEXAS - When the MyDoom.M virus started making its rounds on Monday, it caused the same kind of trouble as it did earlier this year ­ that is, for unprotected or unprepared networks. Those networks protected at the edge with DeepNines Security Platform from DeepNines Technologies had nothing to fear.

This new version of MyDoom, called MyDoom.M, which propagates through e-mail and file-sharing services, was reinvented and clever enough to create Denial of Service issues to some of the most popular search engines for a short time. MyDoom.M clones itself by sending e-mails to addresses from address books and files. It then generates large amounts of TCP traffic destined for some of the most popular search engines. This represents a blended threat ­ in this case, a zero-day DoS attack.

DeepNines President and COO Dan Jackson. "MyDoom.M is an attack against which companies have a difficult time protecting themselves on Zero Day ­ unless they can monitor the increased activity generated by the virus at the entry or exit point of the company. Our security platform sits invisibly in front of the network's router and monitors all network activity, detects the uncommon traffic behavior and will block the anomalous traffic to avoid further consumption of network resources."

These new threats evolve at a rapid rate, meaning companies must be prepared to deal with threats that are upcoming ­ not just those that have already taken place. Many anti-virus security programs are purely reactive, and a zero-day attack can devastate the networks they are supposed to be protecting. Viruses like MyDoom illustrate the importance of layered security, and that layered security should always begin outside the farthest edge of the network ­ outside the router.

DeepNines continues to monitor and protect its customers' networks from the new versions of MyDoom and a host of other known and unknown threats. As a result, customer networks are functioning properly, and those customers have been able to conduct business as usual.

About Deep Nines Inc. DeepNines offers a scalable security platform for Global 2000 companies with a vertical market focus in education, government, telecommunications, energy and financial services. The DeepNines Security Edge PlatformT integrates intelligent firewall, intrusion prevention, best-of-breed secure content management, forensics and reporting. It operates outside the network infrastructure, improving organizations' security "deep into the nines." DeepNines' Security Edge Platform, the company's patent-pending security system, is a fully automated signature and behavior-based, intrusion prevention and traffic management system preventing known and unknown attacks from entering an organization's network. The Security Edge Platform runs on Solaris and Linux platforms from Sun Microsystems. To learn more about Deep Nines visit www.deepnines.com.