2001: A Security Odyssey; F-Secure Recalls the Most Challenging Year Ever for Data Security.

Business/Technology Editors

SAN JOSE, Calif.--(BUSINESS WIRE)--Dec. 18, 2001

Experts agree that year 2001 was the most active year for computer related crime so far. From traditional viruses to complex network worms, the year 2001 was, to paraphrase Arthur C. Clarke, "a security odyssey", said Mikko Hypponen, Manager of Anti-Virus Research at F-Secure Corporation.

One of the central themes of 2001 was the rapid evolution of the malicious code threat. Many of the new computer virus types seen during 2001 were using hacking techniques such as exploiting known security vulnerabilities. Worms such as Code Red are difficult to stop with traditional anti-virus solutions, because they never infect files, said Hypponen. "To combat these new types of combined hacking and virus attacks, the data security industry needs to combine functionality from traditional anti-virus programs and distributed firewall systems, providing protection against viruses, hacking and the combination of these threats," he explained.

A state of dread among savvy and novice computer users alike, first perceived in the year 2000, was amplified in 2001. Viruses continued to appear at the rate of five per day, according to Hypponen, and by year-end had accumulated to 59,000.

Nimda worm

Perhaps most notorious for its damage and for what it portends was the mass-mailing Nimda worm, the first Internet malware that actually took over websites in order to proliferate.
Spread by four different methods, Nimda infected 2.5 million computers, taking just one day to infect local area networks and individual desktops globally. "We have no idea where Nimda came from," commented Hypponen. "There are references to China inside, but those could be faked." Wherever its origin, he continued, it's likely to have been written by a group of people. "And, to develop and test a worm like Nimda, a testing lab with networks, servers and routers is needed. The size of the investment in both time and money makes one wonder what are the motives driving the creators of viruses like Nimda."

Much of the damage done by Nimda and a later worm called BadTrans was avoidable, in that preventive measures were freely available. In addition to commercial anti-virus products, Microsoft had warned of certain vulnerabilities in its applications, and offered a free patch; but many users were lax in a false sense of security and did not update their systems. "That's skating on very thin ice," said Hypponen, "and many fell through".

But the world of anti-virus research wasn't without its victories either; both the Dutch author of Anna Kournikova virus and a group of Israeli teenagers behind the Goner virus were located and apprehended by authorities. "The only way we can win is by catching these perpetrators and showing the world that virus-writing is a crime which doesn't pay," said Hypponen.

An example of devious craft showed itself in the distribution of viruses and other malware through mailing-list servers. Most members of affinity groups, such as music fan clubs and other opt-in organizations, open the email from those servers because, either consciously or instinctively, they trust the content. In just the first month of testing protective software provided by F-Secure, L-Soft reported stopping more than 100,000 virus attacks on some 630 lists hosted by that company.
Although most of the security problems over 2001 concerned users of Microsoft operating systems, other platforms had their share as well: In January, the first widespread Linux worm, known as Ramen, was found. In May, the Sadmind worm infected hundreds of Solaris-based Unix systems. And in June, Macintosh users had their share of e-mail mass mailing worms with the discovery of the Mac.Simpsons worm.

What lies ahead

Meanwhile, a wave of enthusiasm greeted Nokia's new smart phones and Microsoft's latest PDA platform, Pocket PC 2002. With the proliferation of mobile devices across enterprises, corporate assets ranging from e-mail to confidential financial information instantly become more vulnerable to theft or damage. Pocket PC 2002 and Nokia Communicator herald a whole new generation of wireless devices, many in the hands of end-users, with all the exposure and vulnerability that comes with the territory of such new products.

Anthony Gyursanszky, vice president of F-Secure's Wireless Security Solutions unit, said, "The security risks presented by these devices will multiply in January, as many professionals will bring the PDAs they have received as Christmas gifts into work, and start to place corporate data onto them. This data is then at risk of interception, loss, theft and worse, underlining the need for IT managers to have solutions which cover the entire IT spectrum, with strong encryption and content (anti-virus) security."

Unfortunately, the future looks no brighter, according to Hypponen. Human tendencies persist. And, those who get some diabolical pleasure out of attacking technology continue their destruction at an accelerating pace.

In anticipation of continuing activity on this front, F-Secure increased its anti-virus signature updates to twice daily, which is believed to be the most frequent updating in the industry.

It is sensible to assume that the number of sophisticated malicious code attacks will increase; and, at the same time, the attacks are getting more and more professional. "Whether these people represent terrorist groups, organized crime, military or intelligence communities is somewhat irrelevant," said Hypponen. "The bottom line is that we are seeing the first signs of the type of fundamental vulnerability that a fully computerized society and economy will have to live with."

Appendix: Major virus cases of 2001

January: Hybris
January: Matrix (MTX)
February: Anna Kournikova
March: Magistr
May: Homepage
July: Sircam
July: Code Red
September: Nimda
November: Badtrans
December: Goner

Descriptions and screenshots of the above viruses are available from http://www.f-secure.com/v-descs/

About F-Secure Corporation

F-Secure Corporation is a leading provider of centrally managed security for today's mobile, wireless enterprise. The company offers a full range of award-winning, integrated anti-virus, file encryption, distributed firewall and VPN solutions for workstations, servers, gateways and mobile devices. F-Secure products are uniquely suited for delivery of Security as a Service (TM) which provides invisible, reliable, always-on, and up-to-date security for the most widely distributed user base. Whether provided by corporate IT or delivered by service providers, F-Secure solutions extend policy-based security and instant alerts to all devices where information is created, stored or accessed.
Founded in 1988, F-Secure Corporation is listed on the Helsinki Stock Exchange (HEX: FSC). The company is headquartered in Espoo, Finland with North American head office in San Jose, California, as well as offices worldwide.