Prophet of Doom

Forget Bagle. The first month of 2004 is hardly over and already; we have seen the first ‘Big One’ of what is likely to be many more to come. MyDoom, allegedly originated from “The Dark Side” of the Linux community with a grudge to settle against SCO but a second variant is going after Microsoft as part of a distributed denial of service DDoS attack from a PC near you.

MyDoom is nastier than most, following a trend, which becomes increasingly more malevolent as months pass. Infected computers become potential ‘zombies’ which can allows malicious hackers to secretly install a Trojan horse program, key logging software or simply explore files. Attackers just have to connect to the open port and upload spyware or any other program they might wish to.

Last year’s curse, Blaster “Is believed to have spread to hundreds of thousands of systems and while most businesses have cleaned up the worm, Microsoft has found that a large number of home users are still unknowingly infected”, which is why the company has released a tool to expedite the cleaning-up process as the worm remains in sufficient numbers to cause contention problems across the web.

Only last week Detective Chief Superintendent Len Hynds, the Director of The National Hi-tech Crime Unit (NHTCU) warned that the rapid growth in Broadband and third-generation mobile telephony (3G) would provide “A window of opportunity for organised crime”. Security company, Clearswift has also described the SoBig virus as an inspiration to cyber-criminals” and observed a "clear switch" in the motives of the virus writer, with intellectual challenge or simple-minded cyber-vandalism being superseded by financial gain as the primary motive for malware coding.

All this leaves the end-user between a rock and a hard place. Cyber criminals on the one side, queuing-up to take a pop at any unprotected PCs or networks and a software environment which is only as strong as its weakest link, the million upon millions of totally unprotected PCs with owners naive enough to fall for MyDoom’s basic social engineering trick.
You have to feel sorry for Microsoft because they are going to have to carry most of the blame for MyDoom and whatever follows next. We’ve had six months of advertising and investment telling people to, at the very least, buy an up to date anti-virus product and you know what, they don’t take the blindest bit of notice.

“It’s my bread and butter, removing viruses”, says the owner of M-Wise, my local computer store. They are still coming in with Blaster and as I talk to him, almost by coincidence, a man appears carrying a PC, which he tells us needs to have Blaster removed.

Almost twenty years ago, I ran the first anti virus seminar in London with a friend called Dr Alan Solomon. Alan demonstrated to the audience how a simple virus could destroy a hard disk and even cause an IBM PC to overheat and die. Nobody was particularly worried because very few people were connected to anything more than their printer but today, it’s a different story. We know that each attack is getting worse and even well-protected businesses are at the mercy of their partner chain or your next door neighbour with his brand new Broadband connection to Kazaa.
Government is making an effort, business is trying harder and Microsoft is trying frantically but the Internet we depend on is increasingly at the mercy of the public’s grasp of computing realities. May God have mercy on us all.


Popular posts from this blog

The Nature of Nurture?

Civilisational Data Mining