Zotob Aftermath or is that Beforemath?

Well, I am still waiting around to be hit by Zotob. In fact, almost everyone I talk to is still waiting… or not really waiting.

Now, I understand the need for news during the dog days of summer, but isn’t anyone else a bit embarrassed by all the press being given to Zotob? Did anyone else catch Symantec’s master move to start counting infected "corporations" rather than systems (I think I am being sarcastic here)? Anybody else sense some déjà vu and notice any convenient disregard of certain data points regarding diminishing time-to-exploit? Today I read someone who was trying to compare Zotob to Nimda. Not – Even – Close. At one point, I actually wondered whether the worm writer was actually targeting the media directly since they seem to be the only people affected.

I really feel like a heretic here, pointing out the obvious, but I really want people to understand. The threat is real. It’s just that this isn’t the threat. Parading a problem that isn’t a problem (perhaps to sell software?) really demeans the entire profession. Remember, we are supposed to be able to ASSESS THE RISK, not parade around pounding our chests for no apparent reason.

The true impact of Zotob is simply to inappropriately increase everyone’s confidence level: "Gee, we didn’t get hit by Zotob while everyone else did! We must be doing something right! (Hmm, I wonder if we’re spending too much money on security)."

The threat is real. It’s just that this isn’t the threat.