Invading computer viruses can enslave your PC, destroy
your data and ruin your business. Protect yourself from meltdown
says Bernhard Warner.
In July 1998, as the first batch of dotcom chief executive
offiers were thumbing through Porsche brochures, a canny programmer
was putting the finishing touches to an historic computer
program.
The program would never be sold, and never make the inventor a
penny. But it would rattle the nerves of the IT security industry.
The program was called "Back Orifice 2000" a not-so-witty swipe at
the mighty Microsoft. The joke ended there.
Back Orifice 2000 was released onto the internet via e-mail.
Once unwittingly opened by a computer user, the file downloaded
itself onto a computer hard drive and took partial control of the
machine. It could duplicate Microsoft PowerPoint presentations. It
could activate a computer's internal microphone to record nearby
voice conversations. It could even eject the CD-Rom tray at
will.
Back Orifice 2000 is considered by many security industry
officials to be the very first piece of "spyware". It's crude by
today's standards, but its implications are deadly serious.
Back Orifice proved that a piece of code could be used to take
over another person's PC. Spread via computer viruses, spyware
would later be refined to carry so-called "back doors" and
"Trojans" - programs capable of installing themselves on a remote
computer for the purpose of doing the creator's bidding.
Today, they can track keystrokes to lift passwords, credit card
numbers, online banking details and other sensitive information.
They can snoop through a PC or corporate computer network looking
for select files. And, experts say, more potent variants are
released regularly into the wilds of the computing world.
"It looks to be getting worse. This year, we've seen more virus
outbreaks in the first quarter than in all of 2003," says Jack
Clark, a technology consultant for computer security firm McAfee
Security.
Computer viruses are nearly as old as personal computers. But
early relics like the "Morris Worm" and the "Pakistani Brain", both
from the 1980s, were a sort of electronic graffiti, designed more
to get the programmer noticed than to cause harm.
They began to take on a malicious feel years later when
programmers designed them to exploit a computer system and delete
files. Spyware represents another step forward: these programs are
designed to take over a computer and convert it into a proxy for
sending out spam or hosting pornographic websites.
Recent virus outbreaks such as SoBig, MyDoom and Bagle all
worked in this way. Junk emailers now routinely route their
get-rich-quick schemes through slave computers to stay one step
ahead of filters and blacklists that block spam. Gallingly, the
computer that's swamping your e-mail inbox with junk may be your
own.
According to a report by research firm Aberdeen Group, there are
nearly 7000 spyware programs in existence, running on millions of
corporate and personal computers around the world. Chances are
there is one on your computer now. US software firm Websense
reveals that one-third of European companies detected spyware on
their networks last year.
Because of the malicious nature of spyware, viruses and worms,
police suspect they are the handiwork of organised crime. Not
surprisingly, cybercrime has grown in parallel with the rise of
online commerce.
Cybercrime cost British companies hundreds of millions, and
perhaps billions, of pounds in lost business last year. The next
wave of internet attacks is likely to be more severe, the UK's
National Hi-Tech Crime Unit (NHTCU) warned earlier this year.
In an NHTCU survey of 201 of Britain's largest companies, 83%
said they had experienced some form of cybercrime in 2003. The
attacks cost more than £195m in business downtime and lost
productivity.
But smaller businesses are probably at a bigger risk. Many don't
use anti-virus and firewall software and lack the technical kow-how
to keep their systems virus-free. In the UK, it's estimated that
41% of smaller companies suffered at least one attack.
The economic toll can be crippling to the firms, which have
historically under-invested in even basic network security
measures. Each virus attack cost the companies £2,500 in lost
output and clean-up, according to McAfee Security.
The virus onslaught is only getting worse. MessageLabs, a
UK-based e-mail security firm, said it stopped 92.6 million viruses
out of more than one billion e-mails, equating to an e-mail
infection rate of 9.1 %. More ominously, spam represented 76% of
global e-mails in May, a record high.
For smaller companies, the biggest threat is malicious programs
that can turn ordinary business PCs into spam machines. If a
business network is hit, a company's computing capacity can be
severely sapped as countless spam e-mails are sent from its
servers, with an obvious knock-on effect on both productivity and
profitability.
"Overall, the sector is suffering from a lack of awareness. Most
companies are unaware viruses can spy on networks and change
dial-in codes," said McAfee's Clark.
For security firms, internet service providers and Microsoft,
the past two years have been brutal. The virus-writing underground
has managed to foil many of the spam and virus filters on the
market. But a new tactic is afoot: securing the network at its
source. Cisco Systems in June announced it would team with security
firm Trend Micro to fortify computer routers - the internet's
traffic cops - with anti-virus software.
New Cisco routers will be programmed to stop worms and viruses
in their tracks before they can spread. But that's just part of the
solution.
"Individual computer users are still responsible for their own
security, but this should help," said Raimund Genes, president of
European operations for Trend Micro.
Protect your business
In 2003 more than one in five small businesses across Europe
shut down for several hours to recover from a virus attack - and
that downtime is costing an estimated £14.6bn every year.
Yet many smaller British businesses have no security in place to
guard against malicious attacks. Others don't update their
anti-virus software regularly, leaving them exposed to new and
evolved strains. BT's Internet Security Pack offers leading
anti-virus and firewall software for total internet safety.
Benefits include:
- Free automatic updates - automatic software updates and
installs ensure you're always ready to tackle the latest threats,
at no extra cost
- Real-time alerts - audio and visual alerts let you know when an
attack is occurring, its severity and the action being taken to
keep your business safe
- Value for money - there is no up-front fee and the service
costs just £4.99 per month per PC ††
- Cost savings - with the most up-to-date antivirus software and
firewalls, you can defend against attacks, avoid downtime and
ultimately save money
- Flexibility - you can alter the level of security, depending on
the clearance of the user connecting to the office network
- Scalability - as your business grows, you can purchase
additional user licences
- Increased productivity - as it's low maintenance, Internet
Security Pack saves time and frees staff up to focus on other
projects
- 24x7 support - a 24x7 expert helpdesk ensures assistance is
always at hand
*Applies to commitments within 5Gbytes-249Gbytes range.
**Applies to commitments within 5Gbytes-249Gbytes range. 12-month
minimum term applies. Annual payment plan applies.
† McAfee Security survey.
†† Subject to 12-month minimum term.
Not Mac compatible. Terms and conditions apply.
Jargon Buster
Backdoor: a hole in the security of a computer
system, often left in place by designers or engineers.
Spyware: programming hidden on a computer.
Advertisers or hackers can gather information about the user
without their knowledge.
Trojan Horses: innocent-seeming programs that
carry a payload - a worm or virus - designed to destroy a
computer's functionality.
Viruses: programs loaded onto a PC without the
user's knowledge, causing local malfunctions. They can often
replicate and spread to other PCs.
Worms: malicious programs that replicate like
viruses but spawn in networks, and are usually designed to slow it
down or crash it.