Posted on 01/05/2003 5:07:41 PM PST by ex-Texan
Computer Virus Outlook: Bigger Trouble Ahead!
By Matthew Broersma
The year 2002 may have been a relatively quiet for virus attacks, but security experts say that this is likely to be the calm before the storm. In 2003, they say, new breeds of computer attacks are likely to emerge that are capable of knocking out millions of computers around the Internet in a matter of minutes.
"These techniques are now being discussed, and algorithms are being made available," said Mikko Hypponen, manager of anti-virus research at F-Secure. "It's just a matter of time before somebody tries them out in the real world."
The concepts under discussion, Hypponen said, are known as a Warhol worm--so called because it could create a huge outbreak in 15 minutes--and a flash worm, which could do the same thing in 15 seconds.
"The typical reaction time to a major new incident is two to three hours. If (the attack) takes 15 minutes, you have no chance," Hypponen said.
Experts have different theories as to why there have been fewer major virus attacks in 2002 than the previous year, but there is no denying that the difference has been marked. F-Secure ranked nine attacks in 2001 as Level 1--the most serious ranking--but only two as of late 2002. In 2001 there were 43 Level 2 attacks, dropping to 13 by late 2002.
"What's special was 2001. That was by far the worst year in history. Out of the 10 largest virus cases ever, seven of them happened (in 2001)," Hypponen said. "This year has been a bit quiet, but it has not been that different from 2000."
He argues that tougher anti-terrorism legislation in the wake of the 11 September attacks has had some impact on how virus writers behave, and noted that more attacks began to show up beginning around 11 September, 2002. A September 11-themed virus was found, though it did not make headlines, and shortly afterwards the destructive Slapper and Bugbear worms hit the Internet.
Upping the ante
Eric Chien, chief researcher for Symantec Security Response, argues that cybercriminals have been struggling throughout 2002 to deal with the advances made in virus destructiveness in late 2001. "There used to be things like Loveletter, which were script viruses written in plain English text. Script kiddies were copying them, modifying them and distributing new variants," he said. "But with Code Red and Nimda, those things are difficult to create. You have to understand the code underlying them, low-level things like assembly code and operating systems. It's harder now to get the fame and glory."
An innovation of Nimda and Code Red was that they did not rely on users downloading and executing an e-mail attachment. "They use hacker exploits in combination with viruses so that they can execute on their own. You can now be infected without your downloading anything or knowing anything about it," said Chien. "Really what has happened is that the bar has risen on how fast and how hard viruses can hit."
The Linux-based Slapper worm included an innovation that is likely to reappear in a more dangerous form in the future: it establishes a peer-to-peer network among affected servers, enabling a hacker to take over the servers and use them to attack another Web location--known as a distributed denial of service attack (DDoS). Another watermark security event in 2002 was the attack on the root servers of the domain name system (DNS), which translates Web domain names such as zdnet.co.uk into numeric Internet protocol addresses.
While the attack caused little damage, security experts say it was probably just a test. "It was a rather trivial attack... and all but four of the servers went down," Chien said. "In the past, corporations were worried about their e-mail server, but today that's the least of their worries. If there are no packets going across the Atlantic, it doesn't matter if your e-mail server is up or down."
(Excerpt) Read more at msn.com.com ...
(1) Try using a form of web mail to screen your emails with an intermediate level of security, and (2) Think about using a local T-1 source for your ISP and avoid major ISP providers like AOL.
I believe when the first really big Virus attack happens, it will wipe out half the computers using AOL. Just my opinion folks .... Just my personal feelings.
Feel free to flame away.
This service was set up originally for people 'on the go' who need to access email from hotel rooms or outside the office. Basically, I use the service all the time and have disabled my regular email system 'Outlook Express.'
When the new Viruses are released, I fear that hackers will find a way to infect a website with Trojans and Worms, i.e. merely by logging on to My.ISP.com will infect your computer and fatally crash it.
(though I suspect he already knows about it and is up to date on this subject)
Should probably approach this similar to what is happening in the airline industry.
Close the net when any bimbo does not follow proper netiquette.
Hire government screeners to screen everyone's email.
Do not allow anyone who owns weapons to send email.
Threaten other sovereign nations with armed invasion for possessing email.
(1) Download and use the Mozilla web browser rather than Microsoft's IE. Viruses that target Microsoft's browser are thus thwarted (plus, Mozilla offers tabs and anti-ad popup capabilities built in.) Since IE is the major web browser (like 95%) it is the one that virus creators target.
(2) Don't use Outlook Express for your mail. Use a web based email account where you use your web browser (see point 1) to read and send mail. Thus, you don't copy any mail to your machine, like Outlook does.
(3) Otherwise - anti-virus, firewall, etc - see previous link.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.