Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    IT Losing Ground in Virus Battle

    By
    Dennis Fisher
    -
    February 2, 2004
    Share
    Facebook
    Twitter
    Linkedin

      After years of success deploying more effective and smarter defenses, anti-virus researchers contacted last week in the wake of the MyDoom outbreak acknowledged for one of the first times that the battle may be getting away from them.

      The MyDoom virus, which hit Jan. 26 and infected several-hundred-thousand machines, is the fastest-spreading virus in the history of the Internet, experts said. At its peak late last week, MyDoom had infected one in every 12 pieces of e-mail, according to MessageLabs Inc., a New York-based e-mail security company. MyDoom also is the latest in a line of recent viruses that, while not particularly innovative, have been maddeningly effective.

      /zimages/5/28571.gifTo find out how to remove the MyDoom worm, click here.

      Anti-virus software is an inherently reactive technology, leaving users as the first line of defense against new viruses. But despite endless admonishments to refrain from opening e-mail attachments, whether from home or work, many users continue to be fooled. In fact, whereas most viruses start from home PCs, MyDoom began from inside a corporate network.

      “There are a lot of Fortune 100 companies infected,” said David Perry, global director of education at Trend Micro Inc., in Cupertino, Calif. “Theres nothing entertaining about this.”

      Social engineering tactics such as MyDooms disguising itself as a returned or rejected e-mail message make it harder for users to distinguish legitimate messages from infected ones.

      “[The virus writer] obfuscated the message to the point where it was alluring. The innovation coming out of these guys is slim,” said Ian Hameroff, eTrust security strategist at Computer Associates International Inc., in Islandia, N.Y.

      Virus writers are now loading their creations with extras such as back doors, mail proxies for relaying spam and keystroke loggers for stealing passwords. As a result, theyre guaranteed that the viruses will continue to do damage after theyve been removed from a computer.

      By the end of last week, Symantec Corp. sensors were seeing as many as 2,000 unique machines scanning for PCs listening on port 3217, which is used by the back door MyDoom installs.

      Next page: When will the tide turn?

      2

      All this has left many in the industry wondering when the tide will turn. Much of the problem, experts say, is that security still does not get the attention it deserves inside enterprises. “I think [that executives] are aware that something needs to be done but not what,” said Karen Worstell, chief security officer at AT&T Wireless Services Inc., in Redmond, Wash. “We have to tell them that its not paranoia. Its good sense.”

      Dan Geer, principal scientist at Verdasys Inc., said in his keynote at the Black Hat Briefings conference here that he believes its time for a kind of Centers for Disease Control and Prevention for the Internet. But to work properly, the center would need real-time data from across the Internet, which would require victims to report whats happened to them, something that is exceedingly rare right now.

      For some companies, educating executives and other employees about security issues and best practices has been just as important as any piece of technology for improving security. Premera Blue Cross, a health care company in Mountlake Terrace, Wash., requires that every employee go through a 90-minute training session on security and sends out regular e-mail flashes reminding workers of policies and procedures and warning of new threats.

      Doomed

      The estimated cost of the worst viruses

      • Sobig ($37.1 billion)
      • MyDoom ($22.6 billion)*
      • Klez ($19.8 billion)
      • Mimail ($11.5 billion)
      • Yaha ($11.5 billion)
      • Swen ($10.4 billion)
      • Love Bug ($8.8 billion)
      • Bugbear ($3.9 billion)
      • Dumaru ($3.8 billion)
      • SirCam ($3 billion)
      • As of Thursday, Jan. 29

      Source: mi2g Intelligence Unit

      “We want everyone to know about security. The average top executive doesnt understand security, but we have to change that,” said Allen Kerr, vice president of IT infrastructure and information security officer at Premera. “Security is an imperative. Its no longer just a good idea.”

      Avatar
      Dennis Fisher

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×