Feeds

Security researchers warn of worm blitzkriegs

cDc for Internet security plan

  • alert
  • submit to reddit

New hybrid storage solutions

Security researchers are warning of the availability of more powerful virus writing techniques, which call for a more co-ordinated approach to combat next generation worms.

In a paper, How to 0wn the Internet in Your Spare Time, Stuart Staniford of Silicon Defense, Vern Paxson of the ICSI centre for internet research and Nicholas Weaver of University of California Berkeley, argue the ability of attackers to rapidly gain control of vast numbers of Internet hosts poses grave security risks. They suggest surreptitious worms, which spread more slowly but are much harder to detect, "could arguably subvert upwards of 10,000,000 Internet hosts".

On a different track they suggest worm writing techniques which could be used to create ultra-virulent worms capable of spreading so quickly that they outflank anti-virus defences. Among the techniques are hit list scanning (which creates a Warhol worm - capable of infecting numerous hosts in 15 minutes), permutation scanning (which enables self co-ordinating scanning), or flash worms (which use enormous hit lists).

Once worms have succeeded in compromising hosts they might be used in denial of service attacks, to steal sensitive information or even destabilise the Internet, according to the researchers.

The analysis is based in large part on a mathematical analysis of the spread of the Nimda and Code Red worms. The risk from the Code Red worm were greatly hyped at the time, but that's not to say that the warning of the researchers is wildly misplaced.

Every time a new virus is released it takes time to spot it, time for AV vendors to develop an antidote and time to distribute this antidote (virus signature definition file). At the industry's annual get together, Virus Bulletin, in Prague last year, concerns were expressed that this approach is in danger of becoming obsolete.

Improvements in the speed of antivirus analysis and management tools are continuing but can only go so far. Meanwhile virus writing s'kiddiots are taking full advantage of the Internet to spread their wares.

Staniford, Paxson and Weaver argue that the possible use of ultra-virulent worms calls for the cyber equivalent of the Centers for Disease Control and Prevention in the US, and they sketch out the role and functions of such an organisation.

The paper will form the basis of a more detailed presentation to be given at the Usenix Security Forum in August. ®

External Links

How to 0wn the Internet in Your Spare Time
-vs-
Why an uber-virus is an impossibility, by Rob Rosenberger of Vmyths.com

Related Stories

Altnet wakes up as worm spreads through KaZaA
Virus writers outpace traditional AV
ISS ranks Net vulnerabilities
Hybrid viruses set to become bigger threat
Firms hit in Nimda mutant outbreak
FBI blows Code Red all-clear
IT giants whacked by Code Red
The Code Red hype Hall of Shame

Secure remote control for conventional and virtual desktops

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Enigmail PGP plugin forgets to encrypt mail sent as blind copies
User now 'waiting for the bad guys come and get me with their water-boards'
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.