Hewlett-Packard has demonstrated how computer virus technology can be turned around to protect business networks against hackers and worms.
The company is researching new virus-like security technologies that are designed to identify vulnerable machines on company networks and shut them down
before malicious code strikes.
HP revealed this week that it had used the approach to protect thousands of machines on its network two days before the Blaster worm struck.
The code, developed by HP’s security research labs in Bristol, effectively saved the company from an infection that cost organisations around the world hundreds of millions of pounds to fix.
Although the technology is still at an early stage, HP sees it as a potential solution to the difficulties companies face ensuring all the machines on their network are patched, often at short notice, against the latest vulnerabilities.
Martin Sadler, lab director at HP laboratories in Bristol, said, "Tracking kit in any large corporation is difficult. HP has 250,000 devices connected to its network that we know of. But we do not necessarily know where everything is."
HP began developing the technology two years ago, when it deployed virus-like code to protect its IT systems from the Nimda virus. The code delivered a pop-up message to every unpatched machine on the firm’s network, urging the user to take action.
In the case of Blaster, instead of a pop-up warning, the security labs arranged for a code to be pumped out to every IP address on the company’s network that shut down any machine that had not been patched.
Some users were upset but the code protected HP from infection.
Sadler said the technology was still at an early stage, and there were still many questions that had to be resolved before the technique could be used commercially.
Companies using the technology would have to weigh-up the risk of virus-like code designed to protect against new vulnerabilities falling into the wrong hands and being used to develop malicious code with devastating payloads.