New Year to Bring Nastier Viruses Yet

Many odd factors encourage online pests, but businesses should keep up their guard, security expert says.

Darren Greenwood, Computerworld New Zealand Online

Virus specialist Daniel Zatz is hoping love blossoms for an 18-year-old Dutch woman and that the economies of Eastern Europe pick up.

Zatz, a Sydney, Australia-based security consultant for Computer Associates, warns that more serious viruses are on the cards for 2003 following a lull this year--unless current events and personal lives of known virus-writers change.

About 250 viruses appeared each month in 2002, compared with 400 last year, he says, but the latest ones have been more damaging, with the Klez virus, now in its eighth variant, proving the most prevalent of all.

Zatz says this is because rather than being produced by 18 to 25-year-olds, the "script kiddies", many viruses are being written by 26 or 27-year-olds, often software developers in Eastern Europe "honing their skills" while unemployed.

For example, Zatz remains hopeful that a Dutch woman who goes by the name Gigabyte, who wrote the Sharpei virus and maintains a virus-writing Web site, remains busy with her boyfriend hacker. She hasn't produced any viruses for a while.

Building on Others

Viruses continue to evolve, says Zatz, partly by existing virus code being "cut and pasted" into new viruses. For example, Goner was the first to try to remove antivirus software; Klez, Bugbear, and Braid did the same.

"The real impact of Klez was to drop a virus called Elkern.cav, an 18-month-old virus, as a side-effect. Braid dropped the old Funlove virus as part of its payload," says Zatz.

Looking to next year, Zatz says viruses may be more prevalent and more damaging, with a "tall poppy syndrome" keeping Microsoft as the top target. The software giant is good at putting out patches, he says, but it is "hard for it to keep up."

"Many joke that to create a virus, writers look at the (Microsoft) Web site to get patch details," he says. Virus writers are aware that people don't patch their systems, or that they run out-of-date systems.

Vigilance Urged

The consultant, who participated in a recent series of Computer Associates seminars on security strategy, says almost all of these e-mail viruses have file extensions such as .exe and .bat, which can be filtered out at the e-mail gateway, but many organizations don't bother.
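The gateway filter described above, as an added example that is not from the article or from Computer Associates: it parses a message and lists attachments whose effective extension is blocked, covering double extensions, upper case, and trailing dots. The function names, the blocklist set, and the sample message are assumptions made for the illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# The article names .exe and .bat; the set itself is this example's assumption.
BLOCKED_EXTENSIONS = {".exe", ".bat"}

def blocked_attachments(raw_message: bytes) -> list:
    """Return the attachment filenames a gateway should reject."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into nested multiparts
        name = part.get_filename()
        if not name:
            continue
        # Windows drops trailing dots and spaces, so "run.exe." opens as run.exe.
        cleaned = name.replace("\\", "/").strip().rstrip(". ").lower()
        # Only the last suffix counts: "photo.jpg.exe" is an .exe, "notes.exe.txt" is not.
        if PurePosixPath(cleaned).suffix in BLOCKED_EXTENSIONS:
            hits.append(name)
    return hits

def build_sample() -> bytes:
    """Constructed test message; addresses and filenames are made up."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "staff@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for fname in ("report.pdf", "photo.jpg.exe", "SETUP.BAT", "notes.exe.txt", "run.exe."):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    print(blocked_attachments(build_sample()))
```

A filter like this checks names only; it does not look inside archives or at file content.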

Zatz, who has been in the industry 15 years, says another factor is that IT security is "colliding" with physical security, with organizations also needing to verify their staffers are where they should be and doing what they are supposed to be. A recently launched CA product called eTrust, he says, can analyze user behavior so employers can see if there is a risk posed by a staffer doing something unusual like working at odd hours.

As for Gigabyte, her Web site talks about a five-member clan called the Contagious Rebels that is seeking more virus writers, hackers, and phreakers. Gigabyte says she has finished school and has been busy working for a computer company, but she is already "making plans for my next virus."
