MEDIA ALERT: Information Security Predictions for the New Year; TruSecure Expert Forecasts Virus and Worm Outbreaks and Trends for Early 2003.

Business Editors/High-Tech Writers

HERNDON, Va.--(BUSINESS WIRE)--Dec. 30, 2002

In the year 2002, corporations and organizations were spared most of the high-cost malicious Involving malice; characterized by wicked or mischievous motives or intentions.

An act done maliciously is one that is wrongful and performed willfully or intentionally, and without legal justification.

DESERTION, MALICIOUS. code exploits prevalent in 2001, such as Nimda and Code Red although companies that relied on anti-virus software anti-virus software n → Antivirensoftware f and did not filter email properly dealt with numerous attacks. TruSecure's technical director of malicious code research, Roger Thompson Thompson, city, Canada
Thompson, city (1991 pop. 14,977), central Man., Canada, on the Burntwood River. A mining town, it developed after large nickel deposits were discovered in the area in 1956. reports that in 2003, we may see the end of standard mass mailing worms Worms (vôrms), city (1994 pop. 79,155), Rhineland-Palatinate, SW Germany, on the Rhine River. It is an industrial city and a leading wine trade center. . However, security professionals may want to brace brace: see drill.

(character) brace - left brace or right brace. for another attack in the class of and level of Code Red. Thompson's predictions for early 2003 include:

-- More Remote Access Trojans (RATs) or backdoors-- overall, these attacks increased in 2002 but have decreased in the last few months. This type of security breach remains a favorite of the hacker community: malware code writers will continue to disguise RATs and backdoor scripts as "adult" movies and then post them to pornography news groups targeting inexperienced users. Expect them to continue through 2003 but they will be mixed with more and more greyware (i.e., spyware and advertising monitoring that is barely legal).

-- Mass-mailing Win32 viruses were largely unsuccessful in hitting corporations in 2002, with the notable exception of organizations that did not filter properly. One of the two biggest worms of the year was W32/Klez, which has been infecting home environments. The impact of the mass-mailing worm is mostly over for corporations but, in 2003, it will still have an impact on SOHO environments.

-- In 2001, Code Red was the most interesting piece of malware, with four versions and two separate code bases. In 2002, the Scalper/Slapper worms were in this category but were not as successful as Code Red. SqlSpida was successful at finding weak SQL servers but did not make it past the server into the organization. Thompson expects another attack in 2003 in the class and level of Code Red.

-- W32/Nimda v1.0 was the biggest, most likely malware threat of 2002, but never hit. Given that Nimda was internally listed as v0.5 and knowing that the original worm didn't exploit all the known vulnerabilities in 2001, it is likely that there will be a v1.0 in 2003.

-- Macro and script viruses emerged at a rate of 200 to 300 a month in 2002 but this will dramatically decrease to only about 20 to 30 per month. Major anti-virus programs detect these and they will not have a measurable impact.

For media interested in speaking with Mr. Thompson, please contact Cynthia S Cynthia

goddess of the moon. [Gk. Myth.: Kravitz, 72]

See : Moon . Smith of TruSecure Corp. at (703) 480-8509 or csmith@trusecure.com, or Brian Greehan or Nicole Cuda of Schwartz Communications at (781) 684-0770 or TruSecure@schwartz-pr.com.

About the Expert

Roger Thompson is director of malicious code research for TruSecure Corporation, where he monitors emerging threats and risks posed by the latest malicious code, whether viral Meaning "related or caused by a virus," with regard to computers and information technology, the term refers less to a computer virus than it does to information that spreads quickly via the Internet. See viral marketing and viral video. or trojan A program that appears legitimate, but performs some illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk. . He provides TruSecure's independent ICSA See TruSecure. Labs with high-level guidance on malicious code certification standards and criteria, and is the principal developer of TruSecure Corporation's TruSecure Census toolset. Thompson joined ICSA Labs as director of Anti-Virus Research in June of 1997 and shortly thereafter chose to focus specifically on the growing threat of malicious mobile code. Each day, Thompson exchanges information with other anti-virus specialists around the world and is a regular speaker at security conferences both in the US and abroad. He is also on the editorial board of Virus Bulletin and the Advisory Board of the Wild List Organization.

About TruSecure

TruSecure is a leading security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the provider, offering the only fully integrated, enterprise risk management services on the market. TruSecure's unique blend of proactive risk reduction with real-time security management, monitoring and response assures continuous security of critical business information assets. TruSecure Certification has become a globally recognized symbol of commitment to effective information security in an interconnected economy. Additionally, TruSecure owns the independently operated ICSA Labs(R) and Information Security(R) magazine. Headquartered in Herndon, VA, TruSecure protects more than 700 sites worldwide, with operations in North America North America, third largest continent (1990 est. pop. 365,000,000), c.9,400,000 sq mi (24,346,000 sq km), the northern of the two continents of the Western Hemisphere. , Central America Central America, narrow, southernmost region (c.202,200 sq mi/523,698 sq km) of North America, linked to South America at Colombia. It separates the Caribbean from the Pacific. , Europe and Asia Pacific. For more information about TruSecure Corporation, visit www.TruSecure.com.

TruSecure, ICSA, ICSA Labs, and Information Security are registered trademarks of TruSecure Corporation. All other trademarks and service marks mentioned herein are property of their respective owners.

COPYRIGHT 2002 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.

Reader Opinion

Article Details
Printer friendly Cite/link Email Feedback
Publication:	Business Wire
Geographic Code:	1USA
Date:	Dec 30, 2002
Words:	715
Previous Article:	Four Players Share $179,286 Top Prize in FANTASY 5.
Next Article:	Hub International Plans Major Midwest Expansion; Will Acquire Insurance Agency From Fifth Third Bank.
Topics:	Computer software industry Software industry

Related Articles
Costs of Virulent Computer Bug Continue to Accumulate.(Nimda worm affects computer networks, tips for avoiding future problems)(Brief Article)
MailMonitor for Notes/Domino. (Virus Notes).(Sophos)
Virus writers squabble in virtual playground. (Security).(Brief Article)
An overview of virus activity in 2003.(Virus Notes)
Don't believe your browser--it could be Dumaru.(Virus Notes)
Homeland security offers alerts warning of e-mail viruses.(Up front: news, trends & analysis)
Infosecurity Europe 2005.(CONFERENCE CLIPPINGS)
Sober-N worm in over 40 countries, shows no sign of disappearing.(Security)(Brief Article)
Increase in email with outbreak of Win32.Sober.s.(Security)(Brief Article)
Sophos warns against panic as worm attacks CNN, Financial Times and New York Times.(Security News)