[ISN] MoD claims answer to email viruses

From: InfoSec News (isnat_private)
Date: Mon Apr 23 2001 - 23:59:12 PDT

  • Next message: newsletter-adminsat_private: "[ISN] Linux Security Week - April 23 2001"

    Stuart Millar, technology correspondent
    Tuesday April 24, 2001
    The Guardian
    The days of the global email virus may be numbered. Ministry of
    Defence scientists have developed software that could prevent
    devastating, worldwide, mail-borne infections such as the infamous
    love bug.
    Amid mounting concern in government and industry about the threat from
    virus-laden emails, the defence evaluation and research agency (Dera)
    says it has produced a simple but effective way of containing
    malicious viruses before they get the chance to spread to other
    computers and cause real damage.
    The ease with which a well-designed virus can circumnavigate the globe
    was highlighted last May when millions of people received an email
    with the heading ILOVEYOU. Within hours the virus in the email -
    subsequently dubbed the love bug - caused an estimated 2bn of damage
    as it immobilised computer systems, hitting large companies such as
    News International, Microsoft and the BBC.
    The virus, which was traced to the Philippines, was able to spread so
    rapidly because its first act on being opened by unsuspecting users
    was to send itself to every name in the users' email address books.
    Since then email-borne virus attacks have increased, although none has
    created the same chaos. The latest big outbreak was in February when
    millions of people opened up a virus masquerading as an email picture
    of the Russian tennis player Anna Kournikova; it replicated itself
    around the world at twice the rate of the love bug.
    These outbreaks have shown up the vulnerability of email systems. Even
    the best security procedures can fail through computer users opening
    their unsolicited messages and letting loose the virus.
    The Dera software, to be unveiled today in London, is claimed to
    provide the answer. Based on research to protect highly sensitive
    government documents and computer systems from attack, the package
    turns conventional anti-virus thinking on its head: instead of
    attempting to stop the virus getting in, it prevents it from getting
    out and damaging other machines.
    The principle behind the software, named ::Mail, appears simple -
    whenever users try to send an email, ::Mail shows a box on the screen
    telling them what they are sending to whom, and asking them to confirm
    the command. If the user unwittingly opens an infected email which
    then tries to replicate itself, the box will appear, warning them that
    the computer is trying to send emails. Although their own computer
    will be infected, with a click of the mouse, they will be able to
    prevent the virus escaping.
    The new software is heavily protected from attack, removing the
    possibility of virus writers producing a code able to override the
    Simon Wiseman, who led the team which developed the software, said
    yesterday: "Because most of the work we do is for the MoD we're
    experienced at preventing confidential information from getting out
    when it shouldn't. This is an extension of that basic principle. While
    every other anti-virus company has concentrated on stopping things
    getting in, we are shutting down the propagation channels so that any
    damage is contained in the machines of those opening the infected
    ISN is hosted by SecurityFocus.com
    To unsubscribe email LISTSERVat_private with a message body of

    This archive was generated by hypermail 2b30 : Tue Apr 24 2001 - 00:03:22 PDT