Virus Attacks: It’s Bad Out There and Getting Worse

My last blog entry about a particularly nasty virus attack on my business system prompted INN Editor-in-Chief Pat Speer to remark to me that things were getting pretty wild out there in cyberspace, and she could not be more correct. 

Virtually every Internet source I could find has documented increases in most kinds of malware over previous years, and predicted more doom and gloom for the years to come. But why should this be so? A whole new (and very profitable) industry has grown up around virus protection, and most of us are at least marginally aware that we need to do something to protect ourselves against intrusions, whether they be from disaffected pre-teens with nothing better to do, or from multi-national criminal syndicates who are making untold volumes of money by stealing information and often funneling the funds to terrorist organizations. 

Yet the problem continues to worsen and carriers, agents and brokers need to beware lest their customer data be compromised or stolen—a hellish nightmare in an industry that sells itself on trust. 

One reason this awful trend continues is that the bad guys and their products continue to be moving targets. Once upon a time, viruses were static pieces of software that, once recognized, could be easily dealt with. Today, however, malefactors don’t just build a virus program and keep using it, because once the virus is out there, software and security application vendors can get a look at it and develop a fix. Instead, just as with biological viruses, the bad guys continue to crank out mutations, or changes that will make the virus invisible to fixers and/or negate whatever efforts the good guys make to get rid of the offending apps. As a result, even though your anti-virus software will tell you that it has profiles on hundreds of thousands of viruses, it’s likely that the software doesn’t know about the newest variant just developed in Bulgaria, or some other far-flung place. 

Another reason is that the viruses themselves have been engineered to be more resistant to efforts to block or eliminate them. For example, the bug that attacked my systems kept hiding its own file names (or possibly changing them). Thus, tracking down the malicious files in order to delete and incinerate them became a true “cat and mouse game,” as Pat Speer called it. To make matters worse, it also did damage to one of my anti-virus programs, making it impossible for me to do a scan with that particular application. 

Yet another contributor to the increased success of malware attacks is that they are cleverly engineered to look like beneficial software. The malware that struck my system popped up out of nowhere and informed me that several evil-sounding bugs that posed a significant threat to my systems had infected my computer. The program used graphics that looked very much like Windows’ own security messages, and it is easy to imagine that many users would fall into the trap of downloading the “fix,” which is really more malware. 

I knew better, though; I wasn’t about to download any phony application. The problem, however, was that the virus went ahead and downloaded itself when I tried to close it out. When you think about it, there is virtually no way to defend yourself against such an attack short of sophisticated intrusion detection systems that are not widely installed. If experienced users can be victimized, how much worse will less seasoned users be hit? 

This is a losing battle, my friends, and unless the security industry steps up and starts marketing better intrusion and detection systems, it will only get worse. It could actually get to the point where larger enterprises will severely limit Internet access to a select number of computers or dumb terminals, which won’t be directly connected to the network. While that seems unthinkable given the way we do business in this day and age, we may in the end have no choice. 

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

The opinions posted in this blog do not necessarily reflect those of Insurance Networking News or SourceMedia.
