Gartner: MyDoom Won't Go Away By ItselfGartner: MyDoom Won't Go Away By Itself

Businesses shouldn't count on MyDoom to go quietly into the night, an analyst at Gartner said this week. Instead, they should aggressively seek out and destroy all instances of the worm.

Users may be complacent, said Gartner analyst Martin Reynolds, because of the widespread impression that it will "self-terminate" on Feb. 12.

"Don't make the mistake of believing that the threat will end on any particular date," Reynolds said in a statement posted on Gartner's Web site. Because MyDoom deploys a back door to infected machines, and in the process creates a legion of "zombie" systems that can be used by hackers to execute additional attacks in the future, "these attacks will likely continue after Feb. 12, and the threat will not end until the MyDoom executable has been removed from all infected PCs," he said.

Businesses should immediately take action to block the ports that MyDoom opens--if they haven't already. More important, they need to scan every network-connected PC for the worm and remove the executable. Companies should also urge their workers to scan their at-home systems--which may be used to connect to the network off-hours--and delete the worm.

Several free tools that scan and eliminate the MyDoom worm are available on the Web from security vendors.