Forwarded From: William Knowles <erehwonat_private> (April 28, 1999 12:46 a.m. EDT http://www.nandotimes.com) - Even the most stout-hearted hard drive would shudder. Copies of more than 43,000 computer viruses are kept under lock and key at the Malicious Code Laboratory in rural Pennsylvania, a facility operated by a company that has become the equivalent of the World Health Organization for the data processing industry. "That lab in Carlisle, Pa., has good physical security. You cannot get in without a key card," assures Roger Thompson, the affable, Australian-born technical director for malicious code research for the firm. His company - ICSA Inc., which has its headquarters in a Washington, D.C., suburb - uses the pernicious software to test and certify dozens of commercial security programs that corporations and individuals hope will protect them from malicious hackers. Thompson said the list of known viruses grows by about 1,000 a month, but many of these are simple modifications of older viruses. "Of all of the thousands of viruses we've identified, only about 150 actually get onto very many people's computer desktops. And maybe another 500 or so make it to localized outbreaks," Thompson said. The reason, despite tremendous media hype, is that computer viruses generally have a hard time proliferating. Writers of virus programs have a hard time designing a bug that will attack most personal computers because of the incredible diversity of software that computers use. "There are a few viruses that we call Win32-infectors, because they attack the Windows operating system itself. But these are very hard to write, so we don't see many of them," Thompson said. Instead, virus authors rely upon "macro" programs that attach to specific kinds of software. "We've identified about 4,000 macro viruses that attach themselves to Microsoft Office products. The reason these guys do this is they want their viruses to spread, so they pick popular software," Thompson said. Police arrested David L. Smith, 30, of Aberdeen Township, N.J., last month and charged him with authorship of the "Melissa" virus, which disrupted e-mail systems for several large companies, including Charles Schwab & Co. "Melissa wasn't overly bright. It only targeted Microsoft Mail, which isn't all that popular. But the guy found a good way to get his virus to spread," Thompson said. The program gummed up e-mail systems by sending out thousands of versions of itself, as well as pornographic Web site passwords and addresses. Despite its simplicity and the severe limitations on the kinds of software it attacks, Melissa received enough news coverage to accelerate security concerns for businesses that increasingly rely upon the Internet. "We are now a wired world," said Laurie W. Wagner, senior vice president for marketing at ICSA. "So security has become an issue for everyone, from simple consumer marketing to business-to-business transfer of critical information." Wagner said anti-virus programs and other software designed to protect computer equipment are expected to grow from a $5 billion industry in 1997 to $25 billion by 2003. That's a lot of money in order to stop a handful of bored and mostly youthful mischief-makers. "A lot of them truly are kids," Thompson said. "I've met one guy who used to be known as 'Storm-Bringer' who has come across from the dark side. He was an intelligent young man who just decided to grow up. It was clear that this (virus writing) was something he did just because he knew how." Measures to defeat "hackers" - computer enthusiasts who delight in gaining access to private, often sensitive, computer files using telephone lines or the Internet - are also becoming big business. Internet security services alone are projected to grow from a $4.6 billion market in 1996 to $11.6 billion within three years. ICSA computers at its Reston, Va., headquarters endlessly look for ways that hackers could break into corporate data systems. Once identified, these "back doors" are either closed or given "firewall" software protection to prevent unwanted outside access across the Internet. "Frequently, we find a lot of undocumented Web addresses that companies didn't know about," Wagner said. Hackers can gain access to an entire computer system through an unprotected site on the Web. "We conducted a scan for one company that had more than 1,000 undocumented sites," she said. "They were pretty surprised." -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Hacker News Network [www.hackernews.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:22:48 PDT