Tomorrow's Virus—Fast Moving and Deadly: The Sum of Our Fears?

By David Coursey  |  Posted 2004-06-24

Opinion: The CEOs of two security companies put a scare into David Coursey as they describe how much damage the bad guys could do if they really try.

Recent virus outbreaks only hint at an even more dangerous future, say two security company CEOs I sat down with recently. One was the CEO and co-founder of Zone Labs, Gregor Freund; the other was John Patzakis, CEO of Guidance Software, publisher of computer forensics and incident response applications.

While some of today's viruses have been serious problems, Freund said they are not nearly as evil as what's possible if the bad guys really try. So far, we've seen evil viruses and fast-moving ones, but what if? Well, here's how the Zone Labs boss describes the scenario: "Imagine the destructive power of the Witty worm's payload, which progressively destroyed disk contents, sector by sector, combined with the transmission vector of an MS Blast or a Sasser," Freund said. But if that isn't bad enough, it gets worse. "Not to give anyone ideas, but what if such a combo targeted the security infrastructure or something like anti-virus updates?"
That scenario was as bad as Freund was willing to discuss during our talk, which took place on-stage during a conference I recently hosted for the Software and Information Industry Association. Freund and Patzakis spoke with consultant Rob Enderle and me. By the end of the half-hour chat, I think Rob joined me in wanting to rush home and completely disconnect the computers from the Internet and the increasingly dangerous outside world.

Freund said the security model we use today needs to move from reactive defenses, like patches and signature-based protection (such as current anti-virus software), to more proactive defenses capable of defending a system against previously unknown threats. This matters, he said, because the time lag between publication of a newly discovered vulnerability and the discovery of a new virus ready to exploit the vulnerability has dropped to 24 hours or less. That means the bad guys are moving more quickly than before and are using the good guys' efforts to improve security against everyone who doesn't immediately get the patch or signature update.

One of technology's most recognized bylines, David Coursey is Special Correspondent for, where he writes a daily Blog ( and twice-weekly column. He is also Editor/Publisher of the Technology Insights newsletter and President of DCC, Inc., a professional services and consulting firm.

Former Executive Editor of ZDNet AnchorDesk, Coursey has also been Executive Producer of a number of industry conferences, including DEMO, Showcase, and Digital Living Room. Coursey's columns have been quoted by both Bill Gates and Steve Jobs and he has appeared on ABC News Nightline, CNN, CBS News, and other broadcasts as an expert on computing and the Internet. He has also written for InfoWorld, USA Today, PC World, Computerworld, and a number of other publications. His Web site is
