
Thursday, December 15, 2005

July 2004

Digital terror
A review of recent viruses and worms invading your PC.

“We had a digital revolution in the 1990s - now we’ve slid into digital terror”. Lashing out at the digital chaos triggered worldwide by virus attacks, Bruce Sterling, a renowned author of Internet security books and futuristic novels, isn’t the only one with such grim and pessimistic views. John C. Dvorak from PC World went as far as to call the entire global computer environment flawed and to say that it should brace itself for worse events yet to come. “All I see is a disaster waiting to happen in an environment that invites disaster,” says Dvorak. And one can hardly blame them. With a record 959 new viruses released in a month, May alone will be remembered not only for the 70 bloody deaths in Karachi but also for the deadliest worm attacks in history.

Topping the list are the Sasser and Netsky worms, which have accounted for around 80% of those attacks. Sasser is spreading at breakneck speed because it relies on exploiting vulnerabilities in the operating system to create huge volumes of traffic that bring entire networks to a halt. Some variants also install ‘back-door’ programs that allow a second virus such as Dabber to invade the system. Netsky is far more sinister, with its variants capable of turning machines into zombies that can be remotely controlled by hackers to send huge volumes of spam. At present these two are in wide circulation on the Web, infecting all machines that have little or no protection. New viruses don’t require a user to open an email attachment to infect a machine; all they require is a system with an Internet connection. Increasingly, many of them, such as the two mentioned previously, employ sophisticated pieces of software called bots, which are powerful stealth programs that turn compromised PCs into obedient soldiers waiting for orders to broadcast spam or log-ins.

Already cases have been reported where hacking specialists called bot-herders assemble thousands of zombie machines and use them to extort money from gambling sites. This is done by bullying the site with millions of bogus requests so that it isn’t able to transact bets until it pays up.

The most noticeable part of this whole virus saga is that the prime target of all the recent virus attacks has been the Windows operating system, especially its NT-based versions: Windows XP and Windows 2000. Although it is true that Windows is rife with security holes, the main reason isn’t that other operating systems such as Linux are necessarily more secure; in fact, Symantec has already reported that it has found three Linux viruses in the wild since the start of 2004. The reason is that since Microsoft’s Windows powers more than 90% of the world’s PCs, a virus abusing any one of its security lapses has an appreciable effect globally.

Now, with the final version of Service Pack 2 for the XP operating system all set to be released this summer, the boys at Microsoft have been kept occupied with their Virus Information Alliance (VIA) cell. This promises to keep them away for a while from the development of Longhorn (due for release in 2005). After the recent series of worms that wreaked havoc with its reputation, Microsoft has become more vigilant in improving its security measures and is increasingly desperate to nab the virus writers. In fact, when Sasser surfaced, the group at VIA went into the ‘immediate response’ phase within an hour, as reported in eWeek: “From there, the chase was on. Microsoft’s internal analysts and security and forensics experts worked round the clock with the help of law enforcement officials and outside specialists to analyze Sasser code, searching for any clue that might lead them to the worm’s creator. And in this case, after a week of long hours, hard work and not a little bit of luck, the effort paid off with the arrest and indictment of an 18-year-old German man who authorities say has confessed to writing not only Sasser but the Netsky family of viruses as well.”

Actually, it was the dough from Bill Gates that did the trick for Microsoft. According to CNET’s News.com: “The Sasser computer worm may mark a turning point for law enforcement’s ability to catch and prosecute computer virus authors. The reason: Enticed by a US$250,000 reward, an informant came forward to leak information on the person who wrote and released the Sasser worm.”

But in these trying times some still have a reason to smile. Thanks to the explosion of cybercrime, the business of tracking down hackers, called the ‘cybersleuth’ business, has gotten a major boost. The New York Times reports that: “From identity theft to bogus stock sales to counterfeit prescription drugs, crime is rife on the Web. But what has become the Wild West for cyber criminals has also developed into a major business opportunity for cybersleuths. One of the most well-known is Kroll Ontrack, a technology services provider based in New York. Others include ICG Inc. in Princeton; Decision Strategies in Falls Church; and Cyveillance in Arlington all started in 1997.”

As long as technology keeps on evolving, we will be faced with virus and worm attacks. Our only defenses are antivirus software and firewalls, which, quite shockingly, not many people use even now. Do you?

The Potter Virus
Virus writers may take inspiration from Hollywood flicks. Take, for example, a recent variant of the Netsky worm that has been targeting children with promises of material about their Hogwarts hero. It arrives as an email attachment with ‘Harry Potter’ as the file name, and innocent youngsters find themselves lured into opening it and infecting their family PCs.
