Feeds

Computer virus threats on the decline?

Not a bumper crop

  • alert
  • submit to reddit

Next gen security for virtualised datacentres

Many security analysts agree that there has been an apparent fall in virus attacks in 2002, but they still warn potential victims to keep their guard up.

In July UK-based anti-virus company Sophos said that it had detected and protected against 3,279 new viruses in the first six months of 2002. And during this period, the single most prevalent virus was Klez-H, which was first reported in March 2002. But in the same six-month period in 2001, the company said that it detected and protected against 6,127 new viruses, almost twice as many as this year.

More significantly, while the top ten viruses in the first half of 2001 included Badtrans (W32/Badtrans-A), Hybris (W32/Hybris-B) and a few other notable baddies, this period was before the arrival of Code Red, SirCam and Nimda, some of the most destructive bugs to hit the Net. By the end of 2001 the company said it had dealt with over 11,200 new viruses, worms and Trojan horses in the year.

Why virus activity has fallen off in the first half of the year remains unclear. But Bruce Hopkins, head of information security services at KPMG in Dublin, believes that a number of factors have contributed to the trend.

According to Hopkins, last year's highly effective virus attacks on computer systems have raised the bar for virus makers for two reasons. First, malware creators often want to create bugs that are entirely new and as time passes this becomes more difficult and subsequently fewer viruses appear. The second factor, which relates to the first, is that new anti-virus software and systems, put in place in the wake of last year's deadly worms and Trojan horses, are much more capable of coping with new threats.

Indeed, most new anti-virus software products are far more effective against so-called "script kiddies," or virus makers that build elementary worms and viruses using a common computer code, such as visual basic scripting. Furthermore, companies that were hit with some of 2001's worst computer attacks are now far more diligent in updating their e-security measures.

"It's not easy to say why things have slowed down, I just know there is less of problem than before," Hopkins told ElectricNews.Net. "This year, I am not getting the panicked calls from clients about major security breeches."

Hopkins did however note that the infamous Klez bug has done some notable damage this year, and that virus makers are continually looking at new ways to invade and corrupt systems. He pointed to a virus specifically designed to attack SAP systems as a sign that more trouble could be ahead. "The SAP virus didn't work, but eventually someone could come up with something that does," he noted. "The real test of the danger of a virus is how much damage it does in the few hours after its release [and before anti-virus measures are available]."

Moreover, e-security companies are often reluctant to say that the worst threats are gone because there is always potential for more dangers around the corner. And as always, their mantra remains in place; update e-security software and install patches as soon as they become available.

© ENN.

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.