Friday, June 11, 2004

VIRUS: Who's Getting Rich on Computer Viruses?

NewsFactor Network - Network Security - Who's Getting Rich on Computer Viruses?

By Justine Brown
Enterprise Security Today
June 9, 2004 2:42PM

"If you're that good of a programmer, you have a bright future ahead, but it's not in writing viruses," said David Perry of Trend Micro. "We need to continue to pursue and apprehend and punish virus writers, and put out the message this is not acceptable behavior."

Computer viruses cost businesses and consumers around the world billions of dollars each year. So who -- if anyone -- is profiting from viruses? And if no one is profiting, what is the motivation behind virus creation? The answers are not completely clear.

"Almost all viruses are written for the same reason that people put graffiti on walls," said David Perry, global director of education at Trend Micro Latest News about Trend Micro. "It's simply a desire to claw their initials into the middle of your hard drive."

Yet, recent events have uncovered what may be a new trend: spammers paying virus writers to create worms that plant an open proxy, which the spammer then can use to forward spam automatically. Many suspect this occurred with the SoBig virus.

Spam Engines

"Worm authors are using their worms to become spam engines," said Christian Byrnes, senior vice president of technology research services at Meta Group Latest News about Meta Group. "The worm spreads itself over the Internet and then into people's computers. It doesn't do any damage; it just becomes a spam pass-through -- an e-mail relay. The spammer can then send an address list and a piece of spam, and the person's home computer will send out thousands of e-mails to people all over the world without their knowledge."

With increasing numbers of states passing legislation banning spam, and Internet service providers cracking down on those that abuse their systems, worms may be the next-best choice for spammers.

Using worms to send spam via such paths makes it extremely difficult to identify the item as spam and to trace the true sender.

Opportunistic Spammers

But it is also possible that spammers are using such open proxies without having any connection to the virus writers, according to Perry.

"They can scan the Internet looking for open proxies. Someone might have found SoBig and reported it to other spammers to use. We don't have any hard evidence that the SoBig writer received any money," he said.

Looking for Mischief

If the spam connection does not exist, then who is creating viruses? Primarily kids, Perry maintains -- and increasingly, groups of kids. "As we move forward, we're seeing a change in the nature of virus writing," he said.

"Instead of one kid sitting down and writing a computer virus Latest News about computer virus, now we get an Internet club of kids writing viruses together. Between them, they put out something that's a lot bigger technology than one of them could put out alone."

But most viruses are poorly written programs that are not difficult to create. "The famous Anna Kournikova virus was written by a kid that didn't know any computer programming at all," said Perry. "He went to a Web site that generated the virus for him."

Both Perry and Byrnes reject any speculation that virus companies themselves generate viruses to create a market for their products. "If we were doing that, the FBI would have uncovered it by now," said Perry.

Future Not Bright

Despite crackdowns and well-publicized arrests, such as that of the 18-year-old German student charged last month with creating the Sasser virus, the creation of new viruses is not likely to end anytime soon. The Sasser arrest may chill virus writing briefly, but as another generation of teenagers emerges, it will likely pick up again.

Preventing the spread of such viruses, therefore, is a more effective strategy than trying to stop them altogether.

Much of that effort involves education, and efforts are being made on a national level. In April, the Department of Homeland Security and the National Science Foundation announced an agreement to co-sponsor and expand the existing NSF Federal Cyber Service: Scholarship for Service program. The partnership will help strengthen cyber security by promoting higher-education courses that increase the number of information-security professionals trained to protect public- and private-sector I.T. systems.

Ethics Message

Meanwhile, Perry currently is working with a task force created to increase awareness of, and education about, computer viruses. Part of that effort involves trying to get an ethics message across to kids likely to write viruses.

"It's hard not to make it sound cheesy," he said. "We want to tell them we aren't impressed. If you're that good of a programmer, you have a bright future ahead, but it's not in writing viruses. We need to continue to pursue and apprehend and punish virus writers, and put out the message this is not acceptable behavior."

User education is also critical. Much of what causes viruses to spread can be summed up as "social engineering," according to John Pescatore, vice president and research fellow at Gartner Research.

Perry agreed.

"The love letter virus said, 'I love you.' Everyone wants to be loved, so they opened it," Perry said. "The Anna Kournikova virus said, 'Here's a naked picture of Anna Kournikova,' and everyone wanted to see a naked picture of Anna Kournikova, so they clicked on it. When addressing the dynamic of computer security, there's a large component of it that simply has to do with educating users not to open documents that could contain viruses."


Post a Comment

<< Home

Get Firefox!