As the number of network attacks grow, will we ever be able to combat the problem of viruses and worms without going offline, asks Simon Moores.
It very much looks as if my predictions of further "code chaos" in the wake of the Blaster worm came even more quickly than I anticipated, in the form of the Sobig.F virus.
In fact, at one point, it was hard not to find anyone who hadn’t been affected, friends, family or business.
When I arrived in the Sky News Westminster news room, it was to find the unhappy news team locked out of their network too.
I may have told you before that I’m a bit of a Luddite in that I don’t have a broadband connection from home for a number of reasons.
First, I can’t afford to lose my e-mail capability, as experience has shown me that broadband is wonderful, but occasionally dodgy. For example, a friend who went on holiday to Devon, left his connection "up", and while he was away, he missed both Blaster and Sobig.F and when he came home he had visitors - well I’m sure you can guess.
Another friend who moved his London business down to his house in Kent, told me that thanks to Sobig.F, BT’s broadband service was up and down constantly, so he reverted to dial-up in an attempt to stay online.
Unfortunately, he and others I know appear to have fallen foul on what can only be a glitch at www.spamcop.net which BT and others appear to be using to filter their e-mail.
I’m getting e-mail bounces through BT Anytime and other ISPs with variations on the following message: “Information Misc Error: The server you are SENDING VIA ([184.108.40.206]) is blacklisted by a public blacklist (bl.spamcop.net)”, so something unusual appears to be happening in addition to the problems being caused by Sobig.F.
One day, someone will add up the cost of August and the heat wave in combination with the e-Crime wave represented by the two relatively small pieces of code, that brought business to its knees. PA Consulting estimates the figure to be around £500m.
You’ll be pleased to hear that the government will be publishing its e-crime strategy in spring 2004 and according to the latest Eurim report, the outdated Computer Misuse Act, which is technology neutral, may soon be changed to include denial-of-service attacks and unauthorised access.
However, the scale of the problem and the sheer volume of data is staggering.
Symantec tracks more than 6,000 vulnerabilities on more than 11,000 versions of 2,700 software products from 1,300 suppliers. Last year, it told Eurim-IPPR study group, those same vulnerabilities were turned by hackers into one million malicious code submissions.
Symantec’s monitoring of the networks of 20,000 partners in 185 countries produced data on three billion security events, of which Symantec was able to track 13 million separate IP addresses responsible for launching the attacks.
Figures like these illustrate the scale of a problem which is not going to go away, and one which is likely to become worse as "blended" threats, which use the increasingly broadband-connected society, become more sophisticated and damaging.
Can we fight back with any degree of success? Can we win without unplugging ourselves permanently from the world wide web and the world’s most popular operating system?
That, like the promise of a better health service, simply isn’t going to happen this side of 2010.
What do you think?
Is it inevitable that UK PLC will suffer regular network overloads in the future? Tell us in an e-mail >> ComputerWeekly.com reserves the right to edit and publish answers on the website. Please state if your answer is not for publication.
Setting the world to rights with the collected thoughts and opinions of leading industry analyst Dr Simon Moores of Zentelligence.
Acting globally, Zentelligence (Research) advises governments, suppliers, business and the media on the evolution, application and delivery of leading-edge technologies and specialises in the areas of eGovernment and information security.
For further information on Zentelligence and its research, presentation and analyst services visit www.zentelligence.com