As the number of network attacks grow, will we ever be
able to combat the problem of viruses and worms without going
offline, asks Simon Moores.
It very much looks as if my predictions of further "code
chaos" in the wake of the Blaster worm came even more quickly than
I anticipated, in the form of the Sobig.F virus.
In fact, at one point, it was hard not to find anyone who hadn’t
been affected, friends, family or business.
When I arrived in the Sky News Westminster news room, it was to
find the unhappy news team locked out of their network too.
I may have told you before that I’m a bit of a
Luddite in that I don’t have a broadband connection from home for a
number of reasons.
First, I can’t afford to lose my e-mail
capability, as experience has shown me that broadband is wonderful,
but occasionally dodgy. For example, a friend who went on holiday
to Devon, left his connection "up", and while he was away, he
missed both Blaster and Sobig.F and when he came home he had
visitors - well I’m sure you can guess.
Another friend who moved his London business
down to his house in Kent, told me that thanks to Sobig.F, BT’s
broadband service was up and down constantly, so he reverted to
dial-up in an attempt to stay online.
Unfortunately, he and others I know appear to
have fallen foul on what can only be a glitch at
www.spamcop.net which BT and
others appear to be using to filter their e-mail.
I’m getting e-mail bounces through BT Anytime
and other ISPs with variations on the following message:
“Information Misc Error: The server you are SENDING VIA
([193.113.154.14]) is blacklisted by a public blacklist
(bl.spamcop.net)”, so something unusual appears to be happening in
addition to the problems being caused by Sobig.F.
One day, someone will add up the cost of
August and the heat wave in combination with the e-Crime wave
represented by the two relatively small pieces of code, that
brought business to its knees. PA Consulting estimates the figure
to be around £500m.
You’ll be pleased to hear that the government
will be publishing its e-crime strategy in spring 2004 and
according to the latest Eurim report, the outdated Computer Misuse
Act, which is technology neutral, may soon be changed to include
denial-of-service attacks and unauthorised access.
However, the scale of the problem and the
sheer volume of data is staggering.
Symantec tracks more than 6,000
vulnerabilities on more than 11,000 versions of 2,700 software
products from 1,300 suppliers. Last year, it told Eurim-IPPR study
group, those same vulnerabilities were turned by hackers into one
million malicious code submissions.
Symantec’s monitoring of the networks
of 20,000 partners in 185 countries produced data on three billion
security events, of which Symantec was able to track 13 million
separate IP addresses responsible for launching the attacks.
Figures like these illustrate the scale of a
problem which is not going to go away, and one which is likely to
become worse as "blended" threats, which use the increasingly
broadband-connected society, become more sophisticated and
damaging.
Can we fight back with any degree of success?
Can we win without unplugging ourselves permanently from the world
wide web and the world’s most popular operating system?
That, like the promise of a better health
service, simply isn’t going to happen this side of 2010.
What do you think?
Is it inevitable that UK PLC will suffer regular network
overloads in the future?
Tell us in an e-mail
>> ComputerWeekly.com reserves the right to edit and publish
answers on the website. Please state if your answer is not for
publication.
Setting the world to rights with the collected thoughts and
opinions of leading industry analystDr Simon
Mooresof Zentelligence.
Acting globally, Zentelligence (Research) advises
governments, suppliers, business and the media on the evolution,
application and delivery of leading-edge technologies and
specialises in the areas of eGovernment and information
security.
For further information on Zentelligence and its research,
presentation and analyst services visitwww.zentelligence.com