Print
Discuss
Send to friend
RSS feedsThis week Luis Corrons, head of PandaLabs, warns of the added workload that IT departments face from new forms of malware.
It seems that 2004 is becoming the year of 'other' malware, not just viruses and worms.
This is not to say that there have been, or will be, fewer viruses or epidemics. Rather that new threats such as diallers, spyware or spam are adding to the security workload. And these threats must be taken into account when designing security policies.
Viruses will no doubt continue to appear, possibly even more than before. But the increased presence of other malware means that good antivirus defence on its own is no longer enough. Users also need to have specific tools for specific threats.
The reason for the increase in new malware is purely financial. Many unscrupulous users have realised, for instance, the money-making potential of installing diallers. They can reconnect modem users to premium-rate phone numbers, steal bank or credit card details or sell databases to dubious marketing companies.
Spam is likely to continue causing misery. Not only is a huge amount of time wasted reading and deleting it, junk mail carries the risk of being used as a means of propagation for viruses and other malicious code.
Hacker attacks are also on the increase, facilitated by the rise in backdoor Trojans and hacking tools in recent months.
And virus creators are continuing their quest to uncover vulnerabilities in popular software to spread their creations as widely as possible. This is a strategy that has been increasing in popularity, often with devastating results.
Since January, when MyDoom appeared, we have seen a number of new worms, most notably all the variants of Netsky and Bagle. A new kind of computer virus epidemic has emerged.
The culprit in this case is not just one virus but a variety of malicious code, launched from the internet at the same time, making the probability of a computer being infected extremely high.
The reason for this change in virus writers' strategy is easy to understand, considering that antivirus companies are developing vaccines to combat new viruses very shortly after detection and, in some cases, offering specific tools to eliminate them.
It is easy to see that if many viruses appear over a short period of time, there is a far greater probability of being infected by one of them. Under these conditions, the hundreds of infected email messages reaching inboxes makes users more likely to run one of these malicious programs.
Even a slight delay in updating antivirus protection, or simply downloading an infected file from a peer-to-peer network, can considerably increase the probability of falling victim to infection.
Under these circumstances, a virus may start off with a bang, infecting a large number of computers over a short space of time. But as users can now rapidly and easily detect and eliminate them, their lifespan is cut short.
The time when a virus could hang around for years is now in the past, leaving those responsible for malicious software to look for other avenues.
See also:
An increasing number of web users are inadvertently downloading software which can trap ID and password information for online bank accounts. 22 Sep 2004
Virus writers cash in with latest breed of email threat 17 Aug 2004Survey of 650,000 consumer PCs found 18 million instances of spyware 16 Jun 2004
'Dark forecast' as Windows users warned of new family of viruses 04 May 2004
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack. 15 Apr 2004All Hacking
del.icio.us
Digg this
reddit!
