Tech Watch | InfoWorld Staff » Viruses march into March

March 05, 2004 | Comments: (0)

Viruses march into March

TAGS: None

Call me 'Captain Obvious,' but this email worm problem has gotten way out of hand. In the first week of March alone, I think I read that there are approximately 18,000 new variants of Netsky, Bagle and MyDoom worms. Clearly, I exaggerate the number, but the problems only seem to worsen each day. And if I'm annoyed by it, I can only imagine how IT managers and antivirus product makers feel.

And it turns out I'm right. They are irritated! I spoke to both Joe Hartmann, director of North American antivirus research at Trend Micro and Chris Belthoff, senior security analyst at Sophos this week about malware and each told me what I already suspected (I already told you I'm Captain Obvious)- the problem of worms and viruses will never, ever, go away. NEVER!

After speaking to aforementioned, I realize in terms of coping stages the industry is way past denial, bargaining, and anger. So perhaps we're in between the despair and acceptance stages. Either way let's stop fretting about the present and look to the future.

Both Joe and Chris agreed that the education of end users is pivotal. The three of us are dumbfounded that somebody would actually double click a .zip attachment until we remembered we work in the IT industry and are hyper-aware of worms. However, most companies do have an IT person and it is their responsibility to teach its users safe email practices. IT managers should also be diligent about patch management and network management. And finally they should be using, or evaluating, antispam and antivirus solutions. If these things are done, the email worm issue can be mitigated. I said mitigated, not eliminated.

I'd be remiss if I didn't use this opportunity and platform to rip Microsoft. As the closest thing to being a monopoly without me calling them one for fear of my life, Microsoft has a big responsibility in terms of education and changing its code creation process. And as I write this, I see they are thinking about education, so I guess I should delete the following sentence (but I won't).

I'll acknowledge they have recently begun to accept this role, but even more needs to be done considering its code is what is being attacked. It needs to be encumbered upon them to make changes to its future development cycle to include even more quality assurance. As for the code already out there, forget about it. Sure they can and will go back and comb through it looking for vulnerabilities, but there is so much out there and only so much can be done. And anyway we're talking about the future here.

So going forward ALL software developers need to place even more emphasis on checking and double checking code before it goes out the door. Unfortunately, Microsoft and its users (that's me) have always wanted features, features, features. Hence its focus on providing them over the years. This blog is surely not going to change their entire philosophy overnight, but we can hope developers see the value of making security a feature. Hell, I never thought I'd ever want a telephone that takes pictures, but I do. Badly. So maybe I too can get excited about security features.

The last audience we need to address is security vendors. Basically, I think they are doing a good job. They are all educating its customers as best as they can and are working very hard to recognize and respond to new worm and virus variants as they arrive.

As for the future, most are looking to build new platforms that are adaptive. I imagine this is easy to do, since customers are demanding products that are both effective today and tomorrow This is key. Vendors with a product that can't scale, be updated on the fly, etc. will be of no interest to enterprise customers.

So let's recap. Microsoft is evil, users are dumb, and security vendors react too late. I'm kidding.

In all seriousness, the problem of malware won't go away. We know this. All we can do is move toward acceptance and hope that the big boys will follow through with education, better practices, and adaptive products.

If Captain Obvious had a sidekick, right now he'd yell out- I agree! Let's call him- Affirmation Man.

Posted by Scott Tyler Shafer on March 5, 2004 11:00 AM

RATE THIS ARTICLE: