[ISN] New computer security dilemma: a lack of viruses

From: InfoSec News (isnat_private)
Date: Tue Aug 13 2002 - 02:29:37 PDT

  • Next message: InfoSec News: "[ISN] Security flaw found in Microsoft Web browser"

    Aug. 12, 2002
    LONDON (Reuters) - The first half of 2002 has been an eerily quiet
    period for the computer experts on watch for worms and viruses,
    leaving some to trumpet their effectiveness even as their predictions
    of doom are now looking overblown.
    Nobody has a bullet-proof explanation, but theories range from the
    introduction of enhanced anti-virus software to stiffer anti-hacker
    laws to more vigilant computer users.
    Last year, security experts calculate, the Code Red, Nimda and Sircam
    worms caused billions of dollars worth of damage, knocking out
    computer networks for days and forcing companies to scramble for
    patches to prevent recurring attacks.
    The wave of intrusions put anti-virus firms in the spotlight. They
    warned companies to fortify their networks against these unseen
    invaders or risk losing precious time and resources in network outages
    and lost files.
    For the unprepared, they said, things would get worse in 2002. But
    with the exception of Klez, a persistent email worm making the rounds
    since earlier this summer, there's been little cause for alarm.
    ``Klez is the biggest case of the year and that's it,'' said Mikko
    Hypponen, manager of anti-virus research at Finland's F-Secure.  
    ``That's a big surprise to us and to everybody else in the anti-virus
    Hypponen last year warned viruses would spread to mobile computing
    devices, including pocket PCs and so-called smart phones, a prediction
    that has yet to materialise.
    In 2001, F-Secure issued nine ``Level One'' virus warnings, a label it
    uses to signify the most damaging outbreaks. This year the number is
    zero, Hypponen said.
    Other monitoring firms report similar findings. UK-based Sophos
    Anti-Virus is detecting 600 to 700 new virus types per month, nearly
    half as many as a year ago, said Graham Cluley, a senior technical
    consultant at Sophos.
    Ohio-based security firm Central Command, Inc. reported a
    month-on-month decline in July.
    Other firms say the number of viruses in circulation remains steady
    compared to last year, but the infection rate has declined, which
    suggests that preventative measures and new security software are
    proving effective.
    The lull in hacking and virus-writing has caught the attention of U.S.  
    federal agents too.
    Marcus Sachs, a spokesman for infrastructure protection in the
    10-month-old U.S. Office of Cyberspace Security, told Reuters at last
    week's DefCon hacker conference in Las Vegas that it's an encouraging,
    if not puzzling development.
    ``Have we seen a change in the mindset of the hacking community?... Or
    patriotism? Or are we doing a better job getting the word out about
    vulnerabilities and patching systems?'' he asked rhetorically.  
    Regardless, ``it's a reversal of the trend we saw last year.''
    A number of explanations could help explain the downward trend.  
    Corporations are taking extra steps to shore up their computer
    networks, a development the anti-virus community points to as a big
    victory, and they have limited employees' email freedoms.
    Also, newer versions of anti-virus software are particularly effective
    against the more rudimentary worms and viruses using a common computer
    code exploited by young virus writers, known in the industry as
    ``script kiddies.''
    A decline in cybercrime has been attributed to new laws too.
    The U.S. Patriot Act, enacted shortly after September 11, and a new
    bill, The Cybersecurity Enhancement Act, call for a maximum prison
    term ranging from 10 years to life for hacking and virus-writing
    It's adding up to an unsettling proposition. A drop in virus activity,
    even if it proves short-lived, comes at a rough time for the
    competitive young computer security sector. A number of firms emerged
    to cash in on the demand for security help in the past few years.
    ``For the anti-virus industry in general, a slow-down would not be
    very good,'' said F-Secure's Hypponen. ``But I'd love to see it
    happen. It would free up the resources for us to do something other
    than fight a problem that shouldn't even be there in the first
    Others are convinced it's too early to claim victory and determine
    winners and losers.
    ``It's the calm before the storm. There will be a next one,'' warned
    Urs Gattiker, scientific director at EICAR, European Institute for
    Computer Anti-Virus Research. ``The problem is if we have to wait too
    long for it, will we be too complacent, and not be able to fight it
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Aug 13 2002 - 05:02:41 PDT