Feeds

Computer virus threats on the decline?

Not a bumper crop

  • alert
  • submit to reddit

3 Big data security analytics techniques

Many security analysts agree that there has been an apparent fall in virus attacks in 2002, but they still warn potential victims to keep their guard up.

In July UK-based anti-virus company Sophos said that it had detected and protected against 3,279 new viruses in the first six months of 2002. And during this period, the single most prevalent virus was Klez-H, which was first reported in March 2002. But in the same six-month period in 2001, the company said that it detected and protected against 6,127 new viruses, almost twice as many as this year.

More significantly, while the top ten viruses in the first half of 2001 included Badtrans (W32/Badtrans-A), Hybris (W32/Hybris-B) and a few other notable baddies, this period was before the arrival of Code Red, SirCam and Nimda, some of the most destructive bugs to hit the Net. By the end of 2001 the company said it had dealt with over 11,200 new viruses, worms and Trojan horses in the year.

Why virus activity has fallen off in the first half of the year remains unclear. But Bruce Hopkins, head of information security services at KPMG in Dublin, believes that a number of factors have contributed to the trend.

According to Hopkins, last year's highly effective virus attacks on computer systems have raised the bar for virus makers for two reasons. First, malware creators often want to create bugs that are entirely new and as time passes this becomes more difficult and subsequently fewer viruses appear. The second factor, which relates to the first, is that new anti-virus software and systems, put in place in the wake of last year's deadly worms and Trojan horses, are much more capable of coping with new threats.

Indeed, most new anti-virus software products are far more effective against so-called "script kiddies," or virus makers that build elementary worms and viruses using a common computer code, such as visual basic scripting. Furthermore, companies that were hit with some of 2001's worst computer attacks are now far more diligent in updating their e-security measures.

"It's not easy to say why things have slowed down, I just know there is less of problem than before," Hopkins told ElectricNews.Net. "This year, I am not getting the panicked calls from clients about major security breeches."

Hopkins did however note that the infamous Klez bug has done some notable damage this year, and that virus makers are continually looking at new ways to invade and corrupt systems. He pointed to a virus specifically designed to attack SAP systems as a sign that more trouble could be ahead. "The SAP virus didn't work, but eventually someone could come up with something that does," he noted. "The real test of the danger of a virus is how much damage it does in the few hours after its release [and before anti-virus measures are available]."

Moreover, e-security companies are often reluctant to say that the worst threats are gone because there is always potential for more dangers around the corner. And as always, their mantra remains in place; update e-security software and install patches as soon as they become available.

© ENN.

3 Big data security analytics techniques

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.