Feeds

Security researchers warn of worm blitzkriegs

cDc for Internet security plan

  • alert
  • submit to reddit

Seven Steps to Software Security

Security researchers are warning of the availability of more powerful virus writing techniques, which call for a more co-ordinated approach to combat next generation worms.

In a paper, How to 0wn the Internet in Your Spare Time, Stuart Staniford of Silicon Defense, Vern Paxson of the ICSI centre for internet research and Nicholas Weaver of University of California Berkeley, argue the ability of attackers to rapidly gain control of vast numbers of Internet hosts poses grave security risks. They suggest surreptitious worms, which spread more slowly but are much harder to detect, "could arguably subvert upwards of 10,000,000 Internet hosts".

On a different track they suggest worm writing techniques which could be used to create ultra-virulent worms capable of spreading so quickly that they outflank anti-virus defences. Among the techniques are hit list scanning (which creates a Warhol worm - capable of infecting numerous hosts in 15 minutes), permutation scanning (which enables self co-ordinating scanning), or flash worms (which use enormous hit lists).

Once worms have succeeded in compromising hosts they might be used in denial of service attacks, to steal sensitive information or even destabilise the Internet, according to the researchers.

The analysis is based in large part on a mathematical analysis of the spread of the Nimda and Code Red worms. The risk from the Code Red worm were greatly hyped at the time, but that's not to say that the warning of the researchers is wildly misplaced.

Every time a new virus is released it takes time to spot it, time for AV vendors to develop an antidote and time to distribute this antidote (virus signature definition file). At the industry's annual get together, Virus Bulletin, in Prague last year, concerns were expressed that this approach is in danger of becoming obsolete.

Improvements in the speed of antivirus analysis and management tools are continuing but can only go so far. Meanwhile virus writing s'kiddiots are taking full advantage of the Internet to spread their wares.

Staniford, Paxson and Weaver argue that the possible use of ultra-virulent worms calls for the cyber equivalent of the Centers for Disease Control and Prevention in the US, and they sketch out the role and functions of such an organisation.

The paper will form the basis of a more detailed presentation to be given at the Usenix Security Forum in August. ®

External Links

How to 0wn the Internet in Your Spare Time
-vs-
Why an uber-virus is an impossibility, by Rob Rosenberger of Vmyths.com

Related Stories

Altnet wakes up as worm spreads through KaZaA
Virus writers outpace traditional AV
ISS ranks Net vulnerabilities
Hybrid viruses set to become bigger threat
Firms hit in Nimda mutant outbreak
FBI blows Code Red all-clear
IT giants whacked by Code Red
The Code Red hype Hall of Shame

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.