Virus outbreak 'troubles' security experts

The first sign of surrender in the war against virus writers has emerged after security captains heard the number of malicious programs released into the wild is doubling every 18 months.



Speaking at the 28th annual gathering of IT leaders at the PC Forum, security experts admitted a new wave of virus attacks is targeting millions of healthy PCs at a disturbingly rapid pace.



Stewart Baker, policy secretary for the US Department of Justice, reportedly told delegates in California that the influx of attacks is "on the same curve as Moore's Law" – effectively doubling in number every 18 months.



The carefree release of malicious programmes into the wild has reached such an alarming level that it "keeps me up at night," Baker was quoted as saying in The Financial Times.



"The prospect that …someone will let loose something whose actual consequences they don't really understand is really quite troubling," he said.



Concern was echoed from Stratton Sclavos, chief executive at Verisign, the company which control registrations for the .com domain until 2012.



He reportedly said an investment of £17million for protective solutions is needed to combat the growing threat of harmful viruses to internet infrastructure.



"Our biggest worry is whether we can stay ahead in this race," Stratton said, referring to the working pace of virus writers in 2006.



"In the last few weeks we've seen new forms of attack on the broad-based infrastructure…the new forms of attack are taking over legitimate computers, potentially millions at a time, all send a part [of the attack] and you're looking to shut down those IP addresses but those are our legitimate customers."



In particular, IT leaders heard the process of domain testing is making it harder for Verisign and enforcement agents to separate legitimate .com addresses from phishing portals and hoax websites.



The problem of the five-day trial period for new .com sites is compounded, given the last 18 months has seen registrations to Verisign soar from around 500,00 a week to seven million.



The infrastructure company reportedly claims its hands are tied in dealing with the attacks, citing shackles imposed by ICANN, the Internet Corporation for Assigned Names and Numbers, the not for profit Californian group.



Verisign says new measures to combat the rapid pace of cyber attacks are to be drawn up over the next six months, with some form of consultation expected.



The company's iDefense security experts, who provide security intelligence to the US government, says the number of vulnerabilities in the wild last year was 84 per cent higher than reports received in 2004.



To coincide with the security fears, a PhD student from Norway claimed this week to have developed the world's first software that is able to effectively detect attacks by an unknown computer virus.



Tom Lysemose's innovation, codenamed ProMon, cannot prevent an unknown virus from attacking a buffer and the areas around it, but "monitors programs to ensure that they do not do things that they are not programmed to do."



This means the software is able to work within a program, such as the IE web browser, in order to monitor the interaction between the modules.



"As long as the programme performs legitimate transactions between its modules, ProMon does nothing. But if an illegal transaction occurs, ProMon decides a virus has attacked and promptly stops the programme," Lysemose said.












































Mar 16, 2006