Bagle catches firms off guard

The virus appears timed to hit companies on holiday

The latest virus outbreak to hit the headlines is the Bagle worm, which was first spotted in Australia; however, its subsequent spread has been global and appears engineered to hit companies hardest when they are under-resourced.

The spread has been rapid, with many antivirus companies hastily updating their warning status on Monday from lower settings to high risk levels.

Jack Clark, product manager at McAfee, said: "We know of about six major enterprise customers who have been hit very hard by this virus and we believe the timing of its launch is no coincidence."

"This virus appears to have been timed to coincide with Martin Luther King Jr day in the US and the Chinese New Year," he added, warning that many companies in those two major online nations will be on holiday when it strikes.

However, despite the timing, Clark believes that suggestions that Bagle is set to become the next Sobig, with some analysts warning of multiple variants with increasing levels of severity, are wide of the mark.

"I doubt they could have repeat success with this virus," Clark told "I've heard suggestions that this is 'the next Sobig' but it's very easy to just say that about any virus which comes along from now on."

"I don't see this as anything special," he added.

So far, MessageLabs has seen more than 80,000 copies of Bagle -- and according to Paul Wood, the company's chief information security analyst, "this number is rising at an alarming rate."

However, Wood agrees with Clark's belief that the virus is nothing special, citing "unsophisticated social engineering techniques" and its clearly displayed executable attachment.

However, the added factor of striking at a time when staff have been off work, either returning from the weekend or from a public holiday, may be enough to catch some users off-guard and cause the virus to spread during the next few days.

As always, the advice is to be wary of any email where you cannot vouch for the sender, the message content and the attachment.