Feeds

Computer virus threats on the decline?

Not a bumper crop

  • alert
  • submit to reddit

The Essential Guide to IT Transformation

Many security analysts agree that there has been an apparent fall in virus attacks in 2002, but they still warn potential victims to keep their guard up.

In July UK-based anti-virus company Sophos said that it had detected and protected against 3,279 new viruses in the first six months of 2002. And during this period, the single most prevalent virus was Klez-H, which was first reported in March 2002. But in the same six-month period in 2001, the company said that it detected and protected against 6,127 new viruses, almost twice as many as this year.

More significantly, while the top ten viruses in the first half of 2001 included Badtrans (W32/Badtrans-A), Hybris (W32/Hybris-B) and a few other notable baddies, this period was before the arrival of Code Red, SirCam and Nimda, some of the most destructive bugs to hit the Net. By the end of 2001 the company said it had dealt with over 11,200 new viruses, worms and Trojan horses in the year.

Why virus activity has fallen off in the first half of the year remains unclear. But Bruce Hopkins, head of information security services at KPMG in Dublin, believes that a number of factors have contributed to the trend.

According to Hopkins, last year's highly effective virus attacks on computer systems have raised the bar for virus makers for two reasons. First, malware creators often want to create bugs that are entirely new and as time passes this becomes more difficult and subsequently fewer viruses appear. The second factor, which relates to the first, is that new anti-virus software and systems, put in place in the wake of last year's deadly worms and Trojan horses, are much more capable of coping with new threats.

Indeed, most new anti-virus software products are far more effective against so-called "script kiddies," or virus makers that build elementary worms and viruses using a common computer code, such as visual basic scripting. Furthermore, companies that were hit with some of 2001's worst computer attacks are now far more diligent in updating their e-security measures.

"It's not easy to say why things have slowed down, I just know there is less of problem than before," Hopkins told ElectricNews.Net. "This year, I am not getting the panicked calls from clients about major security breeches."

Hopkins did however note that the infamous Klez bug has done some notable damage this year, and that virus makers are continually looking at new ways to invade and corrupt systems. He pointed to a virus specifically designed to attack SAP systems as a sign that more trouble could be ahead. "The SAP virus didn't work, but eventually someone could come up with something that does," he noted. "The real test of the danger of a virus is how much damage it does in the few hours after its release [and before anti-virus measures are available]."

Moreover, e-security companies are often reluctant to say that the worst threats are gone because there is always potential for more dangers around the corner. And as always, their mantra remains in place; update e-security software and install patches as soon as they become available.

© ENN.

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.