MSBlast worm takes down major bank

Scandinavia's largest bank, Nordea, has become the biggest European victim of the MSBlast worm.

The bank was forced to close 80 branches across Finland after the infection found its way into servers in all 440 of the bank's offices.

Pete Simpson, manager of ThreatLab at Clearswift, said: "I'm surprised they were caught out. From the number of branch closures and the apparent extent of the problem it doesn't seem as though this is a one off. It would appear to suggest there was something fundamentally wrong with the IT security procedures which were in place."

He added: "All the big players saw this coming a mile away and were patching like crazy."

Although Nordea has said a team of technical experts have been brought in to flush out the problem, Simpson suggested such reactive behaviour is a poor substitute for protecting yourself against infection in the first place.

Nordea told Reuters that the infection had not affected its online banking system - but consumers may disagree.

While no actual breach of the online banking system has reportedly taken place, news that a bank has been hit by any kind of digital attack will resonate with members of the public already careful about banking online.

Such news is a PR nightmare for banks and should serve as a reminder of the importance of an effective patching strategy, warned Simpson.

"Your patching strategy needs to be intelligent and timely," he said.

In general Simpson believes the MSBlast worm is passing reasonably painlessly.

"I'm feeling pretty good about this outbreak," he said. "I thought this was going to be bigger than Code Red or Slammer but luckily it was very poorly programmed," he added stating that while the vulnerability was widespread enough to threaten serious spread and impact, the actual quality of the worm sent to exploit it was poor.

Nordea was unavailable for immediate comment.