http://www.guardian.co.uk/uk_news/story/0,3604,477356,00.html Stuart Millar, technology correspondent Tuesday April 24, 2001 The Guardian The days of the global email virus may be numbered. Ministry of Defence scientists have developed software that could prevent devastating, worldwide, mail-borne infections such as the infamous love bug. Amid mounting concern in government and industry about the threat from virus-laden emails, the defence evaluation and research agency (Dera) says it has produced a simple but effective way of containing malicious viruses before they get the chance to spread to other computers and cause real damage. The ease with which a well-designed virus can circumnavigate the globe was highlighted last May when millions of people received an email with the heading ILOVEYOU. Within hours the virus in the email - subsequently dubbed the love bug - caused an estimated 2bn of damage as it immobilised computer systems, hitting large companies such as News International, Microsoft and the BBC. The virus, which was traced to the Philippines, was able to spread so rapidly because its first act on being opened by unsuspecting users was to send itself to every name in the users' email address books. Since then email-borne virus attacks have increased, although none has created the same chaos. The latest big outbreak was in February when millions of people opened up a virus masquerading as an email picture of the Russian tennis player Anna Kournikova; it replicated itself around the world at twice the rate of the love bug. These outbreaks have shown up the vulnerability of email systems. Even the best security procedures can fail through computer users opening their unsolicited messages and letting loose the virus. The Dera software, to be unveiled today in London, is claimed to provide the answer. Based on research to protect highly sensitive government documents and computer systems from attack, the package turns conventional anti-virus thinking on its head: instead of attempting to stop the virus getting in, it prevents it from getting out and damaging other machines. The principle behind the software, named ::Mail, appears simple - whenever users try to send an email, ::Mail shows a box on the screen telling them what they are sending to whom, and asking them to confirm the command. If the user unwittingly opens an infected email which then tries to replicate itself, the box will appear, warning them that the computer is trying to send emails. Although their own computer will be infected, with a click of the mouse, they will be able to prevent the virus escaping. The new software is heavily protected from attack, removing the possibility of virus writers producing a code able to override the security. Simon Wiseman, who led the team which developed the software, said yesterday: "Because most of the work we do is for the MoD we're experienced at preventing confidential information from getting out when it shouldn't. This is an extension of that basic principle. While every other anti-virus company has concentrated on stopping things getting in, we are shutting down the propagation channels so that any damage is contained in the machines of those opening the infected message." ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Tue Apr 24 2001 - 00:03:22 PDT