@RISK Online - The Security Blog

Web Hosting by Netfirms | Free Domain Names by Netfirms

[Main Index] [Next entry: "Can you keep a secret?"]

08/12/1999: "Viruses: Then and Now"

Then: "This computer is stoned"
Now: "Hey Tom, Here's the list you asked for!"

Computer viruses and the people who engineer them have grown smarter and more devious as technology has grown. Early computer viruses would attach themselves to executable files (either .COM or .EXE), or would infect diskettes and hard drives. They were silent, irritating, and sometimes devastating. They were commonly passed via floppy diskette when sharing files between one computer and another. They had such names as Stoned and Anti.Exe. That was then.


Now... Enter Melissa, Explorer.Zip, and all their many variants. Today's viruses are so smart they can literally call you by name and present you with a file of information that you "asked for". They are being passed by email, and taking advantage of macro languages to perform automated tasks, such as responding to all mail in your inbox! Because they automatically mail themselves out as soon as they infect a new machine, they can propagate at, literally, Internet Speed.

These new viruses employ a technique referred to as "Social Engineering". They present themselves in a manner designed to lower your defenses and reduce suspicion. If you received an email with an attachment from an unknown person (let's say John Smith) you would probably hesitate before opening the attached file. You might even take the precaution of saving the file to disk and scanning it with an updated virus detection tool. But instead you receive an email from your friend, your secretary, or your coworker in the next cube, which says "Here's the list you asked for". You probably don't remember asking for any list, but Hey... this is your friend, your coworker. You're busy. You've probably forgotten, but here's that vital information you needed. You open the attachment and find a simple word document with a list of adult web sites. Certainly not something you'd ask one of your friends or coworkers for. You delete the message, or file it away to investigate later.

You've just become a victim! And not just you, but as many as 50 of your friends and coworkers could now receive a similar email message from you. That's the beauty and the ugliness of the latest strain of computer viruses propagating around the Internet. It's brilliant, and devious! This isn't a file you downloaded from a web site (you'd certainly check something like that for viruses). This was just an innocent message from someone that you know.

The best defense is a good offense. In this case, the best defense is education. Everyone needs to be informed of this new threat. Policies for the handling of email and file attachments should be updated. Anti-Virus software should be installed on every computer, and on all servers. The virus definitions should be updated monthly at a minimum. Any files received via email or on a floppy should be saved to disk and scanned before opening. But with all this said and done, it still comes back to individual people. Education is the key to fighting this type of threat. After all, if the "bad guys" are getting smarter... shouldn't we?

Navigation:

My Blogroll:

Security Advisories:

Defacements Archive:

Security News:

Security Tools: