Systems that the trojan has infected are vulnerable to attackers gaining root access to the machine. Even systems that the trojan has not infected may also be vulnerable. It is imperative that all machines are checked to ensure that the most recently available security patches have been applied to them. If an attacker has the ability to break into a system, the attacker also has the ability to obtain any data stored on that system as well as any data that is accessible to that system from the network. Additionally, it is also possible for an attacker to maliciously alter that data or destroy it.
Given the nature of this trojan, it is likely that the attacker is scanning to find as many hosts as possible to infect with it, and not seeking to steal data from or damage the data contained on any of the systems infected. However, it must be assumed that any system compromised with this trojan has had data stolen from or damaged until further inverstigation can prove otherwise.
While a system on our network is not likely to be the target of an attack, when the trojan is awaked and an attack is launched, our network is likely to become saturated with the traffic necessary to deny service to the target of the attack. In this case, network response time will become slow if there is any response at all. In addition, our service provider will likely turn our access to the Internet off until such time as we are able to contain and disable the attacks originating from within our network.
To minimize the effects of this trojan, please provide the IT department with your full cooperation in eradicating it from our network. Please check each of your systems to ensure that you are not infected with the trojan. Methods for finding and removing the trojan are detailed in the technical advisory available from the IT department.
If the trojan is found to be running on any of your systems, please shut
down the infected system and contact the IT department immediately for
remediation. Please also ensure that your system is running with
the latest available security patches from the vendors of any software
that you are running. Contact the IT department for assistance.