Brace for web worm chaos, users warned

News

Brace for web worm chaos, users warned

Bill Goodwin
Businesses should brace themselves for attack by sophisticated new worms capable of causing widespread disruption to the internet, security expert Bruce Schneier has warned.

Schneier, a security researcher, author and chief technology officer at security services supplier Counterpane, said the components to create a devastating worm attack were already on the internet. "It is just a matter of putting them together," he said.

Viruses have become increasingly sophisticated over the past 12 months, highlighting the need for businesses to keep their anti-virus systems updated and IT networks patched, Schneier said.

There were 1,000 new viruses released in the last six months of 2004. Many were sophisticated polymorphic and metamorphic viruses, which are able to change form, or download complete rewrites of their underlying code.

"We are seeing more targeted worms. We are seeing worms that use Google to identify vulnerable machines. They are much more complex, much more sophisticated than conventional worms," he said. Worms and viruses targeted at mobile devices will become more common, as mobile devices are used for buying and selling, Schneier warned.

Developments in technology are unlikely to give IT departments any automatic defence against worms and viruses in the foreseeable future, he added. The best defence for the time being are intrusion detection and prevention systems, which rely on attack signatures, rather than the detection of anomalous behaviour.

This means that there will continue to be a need for large numbers of people to monitor and respond to threats on the internet and to develop countermeasures, said Schneier.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy