Security analysts are warning corporate administrators to stay vigilant and keep their software patched and up-to-date as viruses and worms continue to grow in sophistication and potential for damage. “Each time we see something, we see more complexity,” says Dan Woolley, a vice president at Reston, Va.-based SilentRunner, Inc., a security company under the parent […]
      Datamation content and product recommendations are
            editorially independent. We may make money when you click on links
            to our partners.  
 
Learn More
   
Security analysts are warning corporate administrators to stay vigilant and keep their software patched and up-to-date as viruses and worms continue to grow in sophistication and potential for damage.
“Each time we see something, we see more complexity,” says Dan Woolley, a vice president at Reston, Va.-based SilentRunner, Inc., a security company under the parent umbrella of Raytheon. “As that complexity gets greater, the more chance we have of getting hit really badly. This is getting much more serious.”
The recent release of the W32.Bugbear worm sent up yet another warning flag to security analysts and those fighting the virus battle. The mass-mailing computer virus reportedly accounted for approximately 320,000 infected email messages, attacking systems running the Windows operating system and an unpatched version of Internet Explorer V5.5.
“It’s part of the ongoing blended threat issue that we’re facing,” says Woolley. “Bugbear wasn’t a lethal worm. We haven’t seen any lethal payloads yet, but the technology is there that they can be deployed. This is part of the progression. They’re becoming much broader and they’re using different technologies to get at the systems.”
Woolley says there has been a definite progression in the sophistication and dangerousness of viruses and worms. And other analysts agree that the industry is on the cusp of an evolution in computer worms — those malicious programs that replicate themselves and can spread automatically over the network from one machine to another, wreaking havoc as they go. That evolution is bringing a new breed of problems for network and security administrators.
Woolley says the progression has gone through many progressions or evolutions:
designer attacks, (viruses that go after a specific server or application);
 disguised attacks, (viruses that disassemble and then reassemble inside the network to hide their entrance);
 blended or hybrid worms (they can propagate themselves and can pack a number of vulnerabilities into one payload).
The really deadly viruses and worms do exist, says Woolley, but so far they haven’t been released into the wild. But he adds that it’s probably only a matter of time before it happens.
‘The Fourth Phase’
Roger Thompson, technical director of malicious code research at TruSecure, agrees that the industry faces a new phase of attacks.
“I’ve thought for some time that we’re in for the fourth phase of computer viruses,”  says Thompson, who adds that so far the viruses and worms have been fairly easy to stop. “The virus writing skill set and the security skill set have merged. Previously, there were hackers and there were virus writers and they were two worlds that never met. With the advent of Code Red and Nimda last year, we saw a merging of skill sets. They exploited a vulnerability to get started. It’s a blended threat.
“A lot of people have been thinking just in terms of email worms, but those are just about a done deal,” adds Thompson. “The only things that will be successful will use something other than email. They will find security vulnerabilities, a weak password or a buffer overflow.”
Analysts generally agree that new attacks are targeting instant messaging, which is quickly gaining momentum in the workplace and on the home computer. Another coming attack may be the sleeper worm, which invades a computer but doesn’t automatically attack the system once it’s in. Instead, the worm will wait for a signal to attack, allowing the attacker to coordinate his efforts.
“What people have to understand is that the bad guys will throw more things at us that exploit vulnerabilities as they’re discovered,” says Thompson. “Things will come in that don’t require you to say ‘yes’ or click on something. It will just blast in and if you’re not patched and updated, it will hit you. They’re more sophisticated and that’s what’s coming.”
- 
Huawei’s AI Update: Things Are Moving Faster Than We Think FEATURE |  By Rob Enderle,
 December 04, 2020
 
- 
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era ARTIFICIAL INTELLIGENCE |  By Guest Author,
 November 18, 2020
 
- 
Key Trends in Chatbots and RPA FEATURE |  By Guest Author,
 November 10, 2020
 
- 
Top 10 AIOps Companies FEATURE |  By Samuel Greengard,
 November 05, 2020
 
- 
What is Text Analysis? ARTIFICIAL INTELLIGENCE |  By Guest Author,
 November 02, 2020
 
- 
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
 October 29, 2020
 
- 
Dell Technologies World:  Weaving Together Human And Machine Interaction For AI And Robotics ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
 October 23, 2020
 
- 
The Super Moderator, or How IBM Project Debater Could Save Social Media FEATURE |  By Rob Enderle,
 October 16, 2020
 
- 
Top 10 Chatbot Platforms FEATURE |  By Cynthia Harvey,
 October 07, 2020
 
- 
Finding a Career Path in AI ARTIFICIAL INTELLIGENCE |  By Guest Author,
 October 05, 2020
 
- 
CIOs Discuss the Promise of AI and Data Science FEATURE |  By Guest Author,
 September 25, 2020
 
- 
Microsoft Is Building An AI Product That Could Predict The Future FEATURE |  By Rob Enderle,
 September 25, 2020
 
- 
Top 10 Machine Learning Companies 2020 FEATURE |  By Cynthia Harvey,
 September 22, 2020
 
- 
NVIDIA and ARM: Massively Changing The AI Landscape ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
 September 18, 2020
 
- 
Continuous Intelligence: Expert Discussion [Video and Podcast] ARTIFICIAL INTELLIGENCE |  By James Maguire,
 September 14, 2020
 
- 
Artificial Intelligence: Governance and Ethics [Video] ARTIFICIAL INTELLIGENCE |  By James Maguire,
 September 13, 2020
 
- 
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI FEATURE |  By Rob Enderle,
 September 11, 2020
 
- 
Artificial Intelligence: Perception vs. Reality FEATURE |  By James Maguire,
 September 09, 2020
 
- 
Anticipating The Coming Wave Of AI Enhanced PCs FEATURE |  By Rob Enderle,
 September 05, 2020
 
- 
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
 August 14, 2020
 
SEE ALL
ARTICLES