Saturday, May 15, 2021

Viruses, Worms Up The Ante

Security analysts are warning corporate administrators to stay vigilant and keep their software patched and up-to-date as viruses and worms continue to grow in sophistication and potential for damage.

“Each time we see something, we see more complexity,” says Dan Woolley, a vice president at Reston, Va.-based SilentRunner, Inc., a security company under the parent umbrella of Raytheon. “As that complexity gets greater, the more chance we have of getting hit really badly. This is getting much more serious.”

The recent release of the W32.Bugbear worm sent up yet another warning flag to security analysts and those fighting the virus battle. The mass-mailing computer virus reportedly accounted for approximately 320,000 infected email messages, attacking systems running the Windows operating system and an unpatched version of Internet Explorer V5.5.

“It’s part of the ongoing blended threat issue that we’re facing,” says Woolley. “Bugbear wasn’t a lethal worm. We haven’t seen any lethal payloads yet, but the technology is there that they can be deployed. This is part of the progression. They’re becoming much broader and they’re using different technologies to get at the systems.”

Woolley says there has been a definite progression in the sophistication and dangerousness of viruses and worms. And other analysts agree that the industry is on the cusp of an evolution in computer worms — those malicious programs that replicate themselves and can spread automatically over the network from one machine to another, wreaking havoc as they go. That evolution is bringing a new breed of problems for network and security administrators.

Woolley says the progression has gone through many progressions or evolutions:

  • designer attacks, (viruses that go after a specific server or application);
  • disguised attacks, (viruses that disassemble and then reassemble inside the network to hide their entrance);
  • blended or hybrid worms (they can propagate themselves and can pack a number of vulnerabilities into one payload).

    The really deadly viruses and worms do exist, says Woolley, but so far they haven’t been released into the wild. But he adds that it’s probably only a matter of time before it happens.

    ‘The Fourth Phase’

    Roger Thompson, technical director of malicious code research at TruSecure, agrees that the industry faces a new phase of attacks.

    “I’ve thought for some time that we’re in for the fourth phase of computer viruses,” says Thompson, who adds that so far the viruses and worms have been fairly easy to stop. “The virus writing skill set and the security skill set have merged. Previously, there were hackers and there were virus writers and they were two worlds that never met. With the advent of Code Red and Nimda last year, we saw a merging of skill sets. They exploited a vulnerability to get started. It’s a blended threat.

    “A lot of people have been thinking just in terms of email worms, but those are just about a done deal,” adds Thompson. “The only things that will be successful will use something other than email. They will find security vulnerabilities, a weak password or a buffer overflow.”

    Analysts generally agree that new attacks are targeting instant messaging, which is quickly gaining momentum in the workplace and on the home computer. Another coming attack may be the sleeper worm, which invades a computer but doesn’t automatically attack the system once it’s in. Instead, the worm will wait for a signal to attack, allowing the attacker to coordinate his efforts.

    “What people have to understand is that the bad guys will throw more things at us that exploit vulnerabilities as they’re discovered,” says Thompson. “Things will come in that don’t require you to say ‘yes’ or click on something. It will just blast in and if you’re not patched and updated, it will hit you. They’re more sophisticated and that’s what’s coming.”

  • Similar articles

    Latest Articles

    How IBM has Changed...

    Think is IBM’s big annual conference, and again this year, it was digital. I’m noticing a sharp quality difference in shows like this where...

    Database-Tuning Platform Launches and...

    PITTSBURGH — A team out of Carnegie Mellon University is launching its automatic database-tuning product today with the help of $2.5 million in funding.   OtterTune,...

    Top 10 Professional Services...

    Professional services automation (PSA) software aims to offer service-based companies most of the software they will need to run their businesses in one package....

    What is Data Aggregation?

    Data aggregation is the process where raw data is gathered and presented in a summarized format for statistical analysis. The data may be gathered...