www.cnn.com/2000/TECH/computing/01/18/virus.boom.idg/index.html
BUSINESS 10 SPORTS * 11 TECHNOLOGY 12 computing 13 personal technology 14 SPACE 15 HEALTH 16 ENTERTAINMENT 17 BOOKS 18 TRAVEL 19 FOOD 20 ARTS & STYLE 21 NATURE 22 IN-DEPTH 23 ANALYSIS 24 myCNN 25 Headline News brief 26 news quiz 27 daily almanac MULTIMEDIA: 28 video 29 video archive 30 audio 31 multimedia showcase 32 more services E-MAIL: Subscribe to one of our news e-mail lists. Enter your address: Or: 33 Get a free e-mail account 34 E-MAIL DISCUSSION: 35 message boards 36 chat 37 feedback CNN WEB SITES: 38 CNN Websites 39 AsiaNow 40 En Espaol 41 Em Portugus 42 Svenska 43 Norge 44 Danmark 45 Italian FASTER ACCESS: 46 europe 47 japan TIME INC. InfoWorld Image (IDG) -- Year-2000 viruses proved to be as impotent as the infamous year-2000 bug itself. As the long-anticipated date approached, fears grew that hackers would take advantage of the millennium to launch new attacks. If it rears its head, it will do something unexpected the hallmark of a Trojan horse. In this case, the unexpected action is simply that the program with the bug is still running. Such year-2000 problems are a direct consequence of the fact that programmers never expected their code to last so long. Although year 2000 didn't initiate the onslaught of viruses expected, the proliferation of computer viruses today has been ushered in by technical innovations such as the Internet that created infinite opportunities for unsuspecting technology users to be thwarted. A hacker's dream Imagine an exploding population of homogeneous organisms, with each one able to initiate intimate contact with any other. Add a small group of wily predators who love to tinker with the forces of nature, and the stage is set for artificially induced epidemics. Not only do the unscrupulous have a bigger field to play in, they also have tools that are easier to use and potentially more dangerous. As it becomes easier to use, we will see more mobile virus code," Viveros says, adding that this kind of mobile virus code is particularly scary because it can be activated simply by surfing to a Web site. It can also be argued that Microsoft is a victim of its own success when it comes to malicious code. It is precisely because Windows is the predominant platform that almost all attacks are targeted at the Windows environment. And most of these are completely impotent on the Macintosh. Steve Lipner, manager of the security response team at Microsoft, points out that because Java is cross platform, it might offer an even more tempting target for hackers. Most analysts and users agree that it is only a matter of time before the invasion of the bad applets begins. However, analysts tend to support all of the above concerns. And while they, too, stress the need for calm, they also caution against complacency. Krantz emphasizes that businesses need to find the right balance when implementing an anti-virus solution. In other words, productivity lost from constant software upgrades can easily be greater than the productivity lost from a new virus. No-hands attack strategy Two of the biggest anti-virus vendors, NAI and Symantec, are scrambling to make their anti-virus code smart enough to automatically upgrade only when necessary. This method has yet to be proven, but if successful, it could give network managers a little more breathing room. Anti-virus software operates by scanning for a match with a signature file. These signatures are the fingerprints that identify malicious code. Signature scanning technology is mature, and the software is now quite effective. But no matter how good the software is, it can't finger a new virus unless that virus's signature is known and filed in a repository. When viruses used to spread primarily via "sneakernet," upgrades to such databases every few months were usually adequate to protect most networks. But Web and e-mail viruses have increased the rate of transmission by several orders of magnitude. This is why NAI and Symantec are working to completely automate the process of providing signature updates. NAI calls it the AutoImmune system, and Symantec has its Digital Immune system. Neither is fully functional yet, but both employ heuristic technology to identify suspicious code. The code is analyzed, and if it is indeed malicious, experts will create both a signature file and a fix. These will then be sent via the Internet as automatic upgrades. This last concern is a direct consequence of the new methods employed by hackers "We aren't just scanning for binary code inside an executable anymore," Krantz says. At the same time, IT can count on anti-virus vendors to work on fighting the latest exploits. RELATED STORIES: 89 Protect against Trojan Horses January 17, 2000 90 Windows 2000 virus: Stunt or preview? RELATED SITES: 100 Forrester Research 101 Symantec Antivirus Center Note: Pages will open in a new browser window External sites are not endorsed by CNN Interactive.
|
http://csua.com/feed/