Slashdot Mirror


New Viruses Hit 30-Month High

Mz6 writes "InformationWeek reports that Sophos has analysed and protected against 959 new viruses in May, this is the highest number of new viruses discovered in a single month since December 2001. From Sophos' own TopTen list they continue on to say that the 'Sasser and Netsky worms may have captured the headlines. ...May has seen a noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan ...has done nothing to curb the problem.'"

30 of 252 comments

  1. Security... by case_igl · · Score: 5, Insightful

    This is why security at the operating system layer is so important. How many homes and businesses are broken into every day worldwide? Tens of thousands, I am sure. Computer crime will escalate in the future, to the point that virus software will probably barely be able to keep up.

    Laws aren't going to stop this kind of thing, we need better solutions for security that automatically adapt and defend the end user or system they are on.

    1. Re:Security... by Anonymous Coward · · Score: 3, Insightful

      So, are you going to be the first one in line to scream "Monopoly abuse!" when Microsoft bundles anti-virus software with Windows and puts McAfee and Symantec out of business?

      (Don't think it's possible? Remember FTP Software? TCP/IP stacks weren't at one point "part of the OS", either. They were a third-party addon. IE is an 89 Kbyte program; the rest is all "part of the OS". Popup calculators and notepads were third-party tools. So were disk defragmenters. There is no hard and fast line.)

    2. Re:Security... by pavon · · Score: 4, Insightful

      Security at every layer is important because none of them will ever be perfect. For example, there is an entire industry centered around properly securing networks, and it takes people years to become proficient at it. Yet we still give nearly all home users a raw connection to the internet, expecting them to do the job of a network administrator with no training or even an indication that they are even lacking in knowledge.

      This is just silly. Most home users neither need, want, or are capable of administrating their own network connection. The ISPs should be doing this unless users specifically request to administer their own connection. If we properly firewalled off hijacked machines it would cut spam and viruses tremendously.

    3. Re:Security... by Frizzle+Fry · · Score: 3, Insightful

      Why is this 4, Interesting? None of this is true or makes much sense. What "privileged access" is he talking about? If you run as root, your web browser and email program can do whatever it wants. If you run as a user, it has the rights of that user. This works the same on every other modern operating system.

      --
      I'd rather be lucky than good.
  2. Gee, I wonder why? by QuantumG · · Score: 2, Insightful

    Isn't it freakin' obvious that computer viruses are written by rebellious and outcast youth who (like most youths) consider themselves invincible? Anyone with the slightest inkling of the rebellious mind will recognise that arresting someone for an act will encourage others to commit the same act. German kids used to consider it "kinda wrong" to write and release worms, now the government has gone ahead and reinforced the wrongness of that act. The fact that Microsoft ponied up a cash reward just broadcasts the message that writing and distributing worms really pisses them off (whereas before worm writers had nothing but an assumption). That message is now clear. Hate Microsoft? Wanna rebel against society? Write a worm!

    --
    How we know is more important than what we know.
    1. Re:Gee, I wonder why? by js3 · · Score: 3, Insightful

      Rebellion? wtf. It's sad that every stupid thing youths do is blamed on rebellion. The only reason worm writers and script kiddies exist is because there are millions of computers hooked to the net with no protection at all just begging to be hacked.

      Or more to the point, if you leave your door open the thieves will come. We never learn from history. Whatever we do, it seems security is always an afterthought. 9/11, worms, identity theft etc etc.

      --
      did you forget to take your meds?
    2. Re:Gee, I wonder why? by Anonymous Coward · · Score: 1, Insightful

      And I'm sick of hearing people insist that it's "rebellion". What it is is lack of empathy; there's something wrong with these kids, they get pleasure from causing other people pain.

      High school. High school is the toughest time in any geek's life. A few years like that and a geek will become bitter and angry and develop an urge to destroy all the works of man. Sometimes this civilization makes me think it's trying to breed super-villains...

  3. Use it to an advantage. by jellomizer · · Score: 4, Insightful

    With all these viruses out there you should use this as an advantage to show people Linux or at least install Mozilla on their system so they won't open as many possible viruses in the future. Right now I bet there is a record number of people who are sick of using their computer right now. So it is your chance to be the savior and show them Linux (just the simple stuff: web browsing, word processing, printing, playing MP3). If they are sick enough of Windows they will let you give Linux a try. If they won't, then at least see if they are willing to run Mozilla instead of IE.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    1. Re:Use it to an advantage. by dilvish_the_damned · · Score: 2, Insightful

      Unfortunately most Windows users don't know the difference. They know viruses are bad, and bad people create them. They think "BAD Ole people!". And then applaud Microsoft for their newfound interest in security and for offering rewards for the betrayal of the BAD, BAD people.
      They never once stop to think that all of those random popups and the like are not supposed to be a part of the internet, and that the machine they trust is a host to 10s or 100s of malware products. They just thank God it hasn't happened to them yet.

      --
      I think you underestimate just how much I just dont care.
  4. Why I Believe It's Rising by seanmcelroy · · Score: 5, Insightful

    Of course the sheer number of computers out there and various OS flaws makes for more virus targets, but as for actual viruses, I attribute this to more people just knowing how to code. Coding has steadily gone from something with a large 'entry learning cost' to something many more people could do. Whether intentional or not, the average joe is becoming more exposed to the methodology of writing functional pieces of code through macros, application-specific scripts, etc. And as more jobs are offshored and people in other countries learn and become proficient at it, it's as simple as this: with a larger base of people knowing how to write code, and a constant ratio of all people with bad intentions, it will just keep increasing.

    Anyway, my two cents.

    --
    Be very, very careful what you put into that head, because you will never, ever get it out. -Thomas Cardinal Wolsey
    1. Re:Why I Believe It's Rising by jellomizer · · Score: 5, Insightful

      Well unfortunately Microsoft made it really easy to make viruses. Back in the old days any virus that would do any real wide damage was made in assembly. Infected .EXE or .COM files and they did their thing then ran the rest of the program normally more or less. This took real skill to make a virus that would alter the code of the program and still run the application itself. Now any schmuck can make a virus. Wait for a security release by Microsoft or check some hackers' websites until you see a hole that you can exploit. Then make a server side program that copies itself to another system using the same problem. No tricky coding, no knowledge of the underlying architecture is involved. So back in the old days a virus writer was scum but at least he was respected for his intelligence. Now the modern virus writer is scum who doesn't deserve any respect because what he is doing isn't that hard, an intro programming class could teach him the skills to do that.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  5. Re:Too bad by Sloppy · · Score: 1, Insightful

    It amazes me that anyone thinks they can remove (or even detect) viruses while running in a known compromised environment.

    The only way to be safe from viruses, is to never catch them. Anyone who needs antivirus software to protect or even diagnose their machine, is doomed before they start.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  6. Copycats and innovators by leshert · · Score: 5, Insightful

    Based on the last few analyses I've seen, it appears that occurrences of real "new" viruses, meaning ones made from whole cloth that "advance the state of the art", as it were, haven't really been up that much.

    What does seem to be up are "copycat" viruses--viruses that seem to be made from the new viruses. Either people are getting hold of the source to viruses, making a few modifications (to 'set their thumbprint' on them), and releasing them, or else just reverse-engineering the viruses. These "copycat" viruses do appear to be on the upswing. On the other hand, from all reports, the copycats tend to be poorly written and have flaws that either limit their spread or else limit their effectiveness.

    The real innovators, though, are definitely getting better every year.

    Is anyone doing that kind of analysis: rate of increase of "innovative", more dangerous viruses vs. random, garbage mods of existing ones? That would be an interesting glimpse into the state of the virus "industry".

  7. Don Sven, cybercriminal by Slashcrunch · · Score: 5, Insightful

    What a joke!

    "...noticeable spike in cybercriminal activity, suggesting that even the arrest of Sven Jaschan, the German teenager who has owned up to writing Sasser and Netsky has done nothing to curb the problem."

    Oh right, so the arrest of Sven was going to solve the problem...? Maybe he wasn't the cybercrime boss after all..? Idiots.

    1. Re:Don Sven, cybercriminal by Prof.Phreak · · Score: 2, Insightful

      Well, if they call him a prankster, it doesn't make him look evil enough...

      --

      "If anything can go wrong, it will." - Murphy

  8. Re:funny numbers by jellomizer · · Score: 1, Insightful

    In a world of 6 billion people. You find it hard that 1000 of them will make a virus. Heck that is 0.00001.66% of the world's population. I am actually surprised that the numbers are that low. I guess most people try to do the right thing. Or most people who would be the real jerks and make and release a virus are too lazy to do it.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  9. I wonder if virus writers know the damage they do by jellomizer · · Score: 4, Insightful

    I am sure most of them see it as a joke or some political statement. But the political statement is pretty lame because no one knows what you're angry about, "I Made this virus to protest the war?", "I made this virus to protest the treatment of X", "I Made this virus because I don't like X company". When you get a virus it doesn't seem to spur the ideas that the virus writer wanted to portray.

    --
    If something is so important that you feel the need to post it on the internet... It probably isn't that important.
  10. How to curb the problem... by SamMichaels · · Score: 5, Insightful

    Say this with me: EDUCATE THE PERSON.

    I can't even estimate the number of people with whom I've dealt that have expired, disabled or even damaged anti-virus programs on their computers. Their justification is "I don't know about spending that $X/yr...I don't need it."

    For those with Windows versions that have the auto update features available, I can't even estimate the number of people with whom I've dealt that have it disabled, inactive or just ignore it. Their justification is "it slows down my AOL and it keeps popping stuff up or tries to restart the PC."

    It's *GREAT* for business and part of me wants to thank the virus writers, spammers and spyware folks...you're providing me with a chance to make some beer money. However, what it boils down to is SOMEONE has to educate the masses...and that someone is all of us; even if we just remind our family and close friends.

    Before your little brother or sister [son or daughter] go back to college this fall, MAKE SURE THEIR PC IS SECURE. The college folk with whom I've dealt have epidemics happening on campus...the networks are so overloaded that it's difficult to even fix the machine without taking it home.

    1. Re:How to curb the problem... by Anonymous Coward · · Score: 1, Insightful

      >>Their justification is "I don't know about spending that $X/yr...I don't need it."

      Why should I have to pay money to Norton or McAfee for virus updates just
      because Microsoft didn't design Windows XP with security in mind? If
      Microsoft cares so much about security now, then why don't they
      include free virus scanning software with Windows?

      Most of the recent viruses/worms have been pretty harmless anyway. I make
      regular backups, so I just continue using my virus-infected computer
      until it no longer works at all, at which time I simply reinstall Windows. Works for me!!!

  11. Laws are not the answer. by Anonymous Coward · · Score: 2, Insightful

    Laws stop very few crimes.

    This case is particularly clear - forget about punishing the behaviour - just fix the technical problems that allow worms and virii to exist.

    There may be no I or U in TEAM, but you can make meat out one.

  12. Re:funny numbers by Otter · · Score: 2, Insightful

    Makes you wonder whether they're counting the number of new viruses, or the number of variations (or bit patterns).

    In any case, the _real_ issue is how many viruses have a noticeable effect, as a result of successful features, deception and propagation. The number of variants may be of interest to Symantec and the virus writers, but otherwise it's like keeping track of the number of nude bodies Beyonce's head is Photoshopped onto.

  13. Re:I wonder if virus writers know the damage they by hazem · · Score: 2, Insightful

    Nobody seems to be bringing up the possibility that the rise in viruses could be attempts at economic warfare. There are a lot of people disgruntled with the US and the West and some of them are probably good programmers.

    It would be interesting to compare the economic costs of losing the World Trade Center buildings to the economic cost of viruses and fighting them.

    It could be a case of "we are at war with you and I made this virus to cost you money and productivity."

  14. Re:Do they not track anybody other than Win32? by Dark+Lord+Seth · · Score: 2, Insightful

    All of their top ten are W32 viruses. This isn't surprising at all- but my question is, is it because of W32 being an inherently insecure platform (which it certainly IS) or is it because Sophos doesn't track anything else?

    All top 10 viruses are win32 viruses because the win32 platform has the largest market share and thus the most retarded users. And that's also why you shouldn't bash win32. Linux right now has a fairly decent reputation regarding security. However, how do you think Linux would fare if it had 50% market share of which half was running RH7.2 without ANY updates whatsoever? The virus problem lies with the virus writers who need to sod off and get a life. The problem with security in general lies with the stupid users.

    Remember that with auditing, regular updates, a good firewall and some finely-tuned ACLs even Win32 (NT5+) can be made pretty secure.

  15. Social Engineering by ThisIsFred · · Score: 4, Insightful

    I'd say that social engineering worms are superior to every other type of malware, no matter how elegantly written past viruses/worms may have been. Why bother with rewriting partition tables, privilege elevation exploits, or VB scripts that take over Outlook, when the user will willingly run the code based on a one sentence message from some stranger? If you had told me this 10 years ago, I would have laughed at the prospect that gullibility and ease-of-use would be the two greatest threats to computer security. Amazing.

    Sasser may have generated the most complaints for lazy [and/or clueless] admins, but these mailer worms are the biggest headache for me. Unlike Sasser (we have no cases of it), the social engineering ploy is going to continue to be effective until e-mail as we know it changes. Sender authentication + SMTP would fix both spam and virus problems, unfortunately at a great cost in convenience to users. Considering that almost everyone I know receives 90 per cent spam/viruses in their inboxes every day, that inconvenience is looking more trivial every year.

    --
    Fred

    "A fool and his freedom are soon parted"
    -RMS
  16. Re:Of course... by Lshmael · · Score: 2, Insightful

    Since so many new viruses, worms, and other examples of malware are being created by university graduates, instead of lonely immature teenagers, right?

  17. ISPs should be doing this unless by dpilot · · Score: 2, Insightful

    Unfortunately most ISPs don't qualify as much more knowledgeable than most users. Therefore they'd find a cheap solution and deploy it. Period. I'm waiting fearfully for Cisco or somebody to introduce a cheap/powerful enough router or some piece of head-end gear that the ISPs will just turn on stateful packet filtering across the board, and deny all incoming connections.

    And of course this still won't stop the problems, because there will still be other disease vectors besides incoming connections. So I also won't be surprised to see rate limits on outgoing email and filters on every outgoing port where the ISP provides that service in-house.

    They've only begun closing down the Internet. There's lots more to go, in the name of spam, virii, and terrorism.

    As for 'users capable of administering their own connection,' no way. Who evaluates? Giving every idiot who simply asks full privileges opens the floodgates, again. Probably the simplest, most likely thing would be to allow MCSEs to administer their own connections. Is that what you really wanted?

    Mildly off-topic... Sometime I'd like to take a look at the most simply-caught spam. IMHO, spam would be a great way to broadcast clandestine (including terrorist) information. Nobody reads the stuff, or at least most people try not to. A little deception, a little steganography, a little encryption, a little spread-spectrum, (split/interleave the message among many pieces of spam) and you've got a terrific worldwide communications channel.

    --
    The living have better things to do than to continue hating the dead.
  18. There aren't many damaging viruses out there. by khasim · · Score: 2, Insightful

    And I don't mean "will instantly wipe your hard drive".

    I mean ones that will randomly alter numbers in Excel spreadsheets and Access databases.

    At the moment, viruses are just a really huge annoyance and a means for spammers to grab more zombies.

    I think the copycat viruses are because it is far easier to copy what someone else has already proven than it is to do original work. I also believe that most virus writers aren't that great at writing code. But that's just my personal opinion. The majority of "viruses" I see via the email scanner are the old "click the attachment" types of trojans. Social engineering.

  19. Raging at the Machines by Esion+Modnar · · Score: 4, Insightful

    Speaking of viruses, etc. It seems that in an incredibly noisome network environment of viruses, spyware, malicious toolbars, the prudent computer user/administrator has to load up his computer with antivirus programs, adware removers/blockers, firewall software, etc.

    This serves to further complicate an already complicated system, and so strange side effects are more likely to pop-up (no pun intended). Such as between badly written printer drivers and firewall software, of all things.

    Foolishly, a couple weeks ago I volunteered to help a friend out with his home computer. Of course, it was practically locked up with all the crap he had on there. I re-installed it (XP Home), put on the cr. updates, got him set up with Mozilla, AdAware, Spybot S&D, and ZoneAlarm.

    I even talked him into getting his family members to use a limited account on the system, to hopefully keep the system as clean as possible for as long as possible. (However, I now realize that many games and other apps don't run properly under anything but an Admin account... so what's the use of that? Growl...)

    Printer was working, everything. So I handed it over to him, and a couple days later he calls me to tell me that the printer stopped working. In his effort to be helpful, he clumsily re-installed the printer drivers, but with the old version, not the new. I got it straightened out again, and after some research, discovered that his printer driver (for an HP Photosmart 7350), has some kind of funky problem with the latest version of the free Zone Alarm. But I managed a workaround to this by having him restart his printer driver service. That was yesterday.

    Now, something else has happened to the printer, the goddamned thing won't print at all, and re-installing the printer drivers makes not ONE fucking difference.

    So what's my point (other than the one under my hat ha-ha)?

    1) We have to try to protect ourselves from all the low-lifes trying to own our systems, and in so doing, make our systems even more complicated and difficult to get them to perform the tasks we have them for in the first goddamned place.

    2) No matter how much you straighten out somebody's system for them, they can balls it right up again within a short span. Only this time, it's YOUR fault. (I thought of keeping the admin password only to myself for the trial period, but as I mentioned, in order to use it for games, they have to log in as Admin. So they can change anything, install anything, and then play innocent when it breaks.)

    --

    They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
  20. Re:my scifi worry is... by am+2k · · Score: 2, Insightful

    BTW, what would a human equivalent to 'Windows Update' look like?
    Active immunisation? We're already doing that today, even for influenza (which mutates on a yearly basis anyways).
  21. Re:Yes, but... by Xenna · · Score: 2, Insightful

    Linux *is* getting hit, the Internet *is* getting hit.

    Our (linux) mailservers are being bombarded with tens of thousands of virusmails daily (double compared to 2 weeks ago) thanks to cable and DSL machines that are spewing virusmails as fast as they can.

    Viruses may not target the infrastructure but they're certainly starting to affect it.

    Think of it as an Internet wide DDOS attack...

    X.