Virus writers strive for more deadly destruction

As virus writers mature the style of attacks on corporate groups is shifting away from ILoveYou bug variants to a more targeted and deadly realm of destruction, a leading US security expert warned last week.

Describing the ILoveYou bug as yesterday's news, McAfee president Gene Hodges said virus writers have matured, orchestrating more specific and sophisticated attacks.

"The 15-year-old virus writer of the past who couldn't get a date is now the 25-year-old IT professional of today; although he still can't get a date, he is now an accomplished programmer," Hodges said.

Targeted attacks on essential services is a new trend that is emerging and Hodges cited an example where a virus writer attacked a system which operated dykes in the Netherlands "flooding thousands of acres of land".

Outlining security trends over the next three years, Hodges said the scenario has moved from serious productivity impact to "something worse" where the attacks are very focused.

He estimated the damage of virus attacks for the year 2000 to be around $20 billion worldwide.

"Virus trends reflect the maturing process of the writer; they are becoming more strident and if you look at the social structure built on the Internet we have real cause for concern," Hodges said.

"One of the biggest threats in coming years is from disgruntled employees and government agencies are certainly concerned about this trend; most government infrastructure could be trashed by good virus writers."

Disgruntled employees will be a significant problem in the private sector, Hodges said, particularly following the Nasdaq shakeout earlier this year.

He said corporate attacks from competitors will also increase along with a rise in targeted viruses from burnt out dotcoms.

"We are witnessing a lot of dotcom restructuring where people who worked 16-hour days for many years are being laid off and have cause for malicious intent," Hodges said.

"In Silicon Valley over the next year we will see a large number of people who are unhappy as dotcoms go bankrupt and there is little access to capital.

"We worked with a manufacturing company 12 months ago that had to lay off a large number of staff; soon after that the company received 20 virus variants within 30 days as codes were handed out among former staff."

To stay one step ahead of attacks, Hodges said virus samples are shared between the major vendors and government agencies through a body of virus researchers called CARO, which has 26 "invited" members.

Described by Hodges as a secret society with ‘encrypted handshakes' members are rabid about certain codes of ethics and they are highly critical of any irresponsible acts by companies.

If a company over hypes a virus other CARO members will put pressure on them to behave appropriately.

"Five years ago when a virus broke out most customers were happy if you had a cure to them in a couple of months; today it's a response game which has to be fixed within hours," Hodges said.

"We have to tightly script what our researchers do when a virus is discovered because there are so many people to contact; we start with the FBI, CIA, Interpol and Microsoft followed by our large corporate customers."

Join the newsletter!

Error: Please check your email address.

More about FBIInterpolMcAfee AustraliaMicrosoft

Show Comments

Market Place