http://www.philly.com/mld/philly/business/technology/3848828.htm Aug. 12, 2002 LONDON (Reuters) - The first half of 2002 has been an eerily quiet period for the computer experts on watch for worms and viruses, leaving some to trumpet their effectiveness even as their predictions of doom are now looking overblown. Nobody has a bullet-proof explanation, but theories range from the introduction of enhanced anti-virus software to stiffer anti-hacker laws to more vigilant computer users. Last year, security experts calculate, the Code Red, Nimda and Sircam worms caused billions of dollars worth of damage, knocking out computer networks for days and forcing companies to scramble for patches to prevent recurring attacks. The wave of intrusions put anti-virus firms in the spotlight. They warned companies to fortify their networks against these unseen invaders or risk losing precious time and resources in network outages and lost files. For the unprepared, they said, things would get worse in 2002. But with the exception of Klez, a persistent email worm making the rounds since earlier this summer, there's been little cause for alarm. ``Klez is the biggest case of the year and that's it,'' said Mikko Hypponen, manager of anti-virus research at Finland's F-Secure. ``That's a big surprise to us and to everybody else in the anti-virus community.'' Hypponen last year warned viruses would spread to mobile computing devices, including pocket PCs and so-called smart phones, a prediction that has yet to materialise. In 2001, F-Secure issued nine ``Level One'' virus warnings, a label it uses to signify the most damaging outbreaks. This year the number is zero, Hypponen said. Other monitoring firms report similar findings. UK-based Sophos Anti-Virus is detecting 600 to 700 new virus types per month, nearly half as many as a year ago, said Graham Cluley, a senior technical consultant at Sophos. Ohio-based security firm Central Command, Inc. reported a month-on-month decline in July. Other firms say the number of viruses in circulation remains steady compared to last year, but the infection rate has declined, which suggests that preventative measures and new security software are proving effective. The lull in hacking and virus-writing has caught the attention of U.S. federal agents too. Marcus Sachs, a spokesman for infrastructure protection in the 10-month-old U.S. Office of Cyberspace Security, told Reuters at last week's DefCon hacker conference in Las Vegas that it's an encouraging, if not puzzling development. ``Have we seen a change in the mindset of the hacking community?... Or patriotism? Or are we doing a better job getting the word out about vulnerabilities and patching systems?'' he asked rhetorically. Regardless, ``it's a reversal of the trend we saw last year.'' A number of explanations could help explain the downward trend. Corporations are taking extra steps to shore up their computer networks, a development the anti-virus community points to as a big victory, and they have limited employees' email freedoms. Also, newer versions of anti-virus software are particularly effective against the more rudimentary worms and viruses using a common computer code exploited by young virus writers, known in the industry as ``script kiddies.'' A decline in cybercrime has been attributed to new laws too. The U.S. Patriot Act, enacted shortly after September 11, and a new bill, The Cybersecurity Enhancement Act, call for a maximum prison term ranging from 10 years to life for hacking and virus-writing offences. It's adding up to an unsettling proposition. A drop in virus activity, even if it proves short-lived, comes at a rough time for the competitive young computer security sector. A number of firms emerged to cash in on the demand for security help in the past few years. ``For the anti-virus industry in general, a slow-down would not be very good,'' said F-Secure's Hypponen. ``But I'd love to see it happen. It would free up the resources for us to do something other than fight a problem that shouldn't even be there in the first place.'' Others are convinced it's too early to claim victory and determine winners and losers. ``It's the calm before the storm. There will be a next one,'' warned Urs Gattiker, scientific director at EICAR, European Institute for Computer Anti-Virus Research. ``The problem is if we have to wait too long for it, will we be too complacent, and not be able to fight it off?'' - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Aug 13 2002 - 05:02:41 PDT