The Epidemic Of Viruses Is Growing Worse

The existence of viruses–nasty pieces of code that come uninvited to wreak havoc on computer systems–is pretty much taken for granted in this cyber-era, but, according to experts, the threat is growing worse and the cost, financial and otherwise, of sustaining an attack is increasing.

“Theres always been a trend for virus authors to try to infect the masses,” says Steven Sundermeier, product manager for Central Command Inc., a Medina, Ohio-based maker of antivirus software. And once e-mail began growing in popularity, “we saw a plethora of new Internet worms.”

A worm is a virus that replicates itself by sending itself out to other computers, using the computer systems of its victims.

Today, virus propagators have additional means of disseminating their destructive wares, including file-sharing programs such as music download sites, says Sundermeier. Instant messaging and other peer-to-peer channels–such as ICQ and MSN Messenger–are also growing in popularity with virus spreaders.

According to Sundermeier, some of the latest worms and viruses can disable real-time antivirus scanning software, and can even disable personal firewalls. This allows the virus to operate freely without being detected.

In many cases, hackers are sharing information to help each other build new and more potent viruses, he observes.

In the past several months, says Sundermeier, “weve seen a lot of viruses that are part worm and part Trojan, and the Trojan will install an anonymous proxy server” on a target computer. A Trojan is a virus that, once it gets into a computer, will allow access to that computer or its network from outside sources.

The anonymous server, Sundermeier continues, “makes your machine a zombie,” from which hacker attacks could be launched without the users knowledge. The Trojan “relies on the user to execute [an e-mail] attachment,” he explains. “Once they do that, it mushrooms out.” The Trojan, however, remains hidden, looking for critical words that might communicate critical or valuable information on the infected system.

“A lot of hackers were originally doing this to get their name out there,” comments Bruce Hill, vice president of development for Hillcomp, a systems integrator based in Greenwood Village, Colo. “Now, its starting to be more on the dangerous side and the hackers are organizing.”

Often, says Hill, a hackers primary goal is to “harvest” e-mail addresses. “If they get into an agency system and plant a Trojan there, they can harvest all the e-mail addresses on the agents client list,” he points out. “You can get money for those e-mail addresses. You can sell them to any kind of business” that operates on the Web.

Such a theft could compromise an agencys reputation, adds Hill, especially if the user of the stolen addresses says something like, “I got this from your insurance agency.”

According to Hill, there are “underground worlds” on the Internet where hackers and other wrongdoers collaborate. “The stuff you see in movies is not that far off,” he observes.

In addition to sending junk mail to “harvested” e-mail addresses, hackers may also scan your network for “every bit of correspondence youve ever had,” says Hill. The result could be theft of personal or proprietary information.

One particularly devious strategy used by hackers is to install both a Trojan and a keystroke recorder on a target system, Hill adds. While the user is entering access codes into his network system to clean up the virus, the keystroke recorder picks up the codes and sends them back to the hacker. “This gives them the ability to get into the network using your passwords,” he says.

Hill cites the Sobig virus, which “opens up servers so junk mailers can use them as e-mail servers.” In fact, Hill tells of receiving such an e-mail that used “one of Sonys old servers, then sent 100,000 e-mails off that server.” The victimized server was an older unit that had been left unprotected.

Should this happen with an agencys server, he notes, the agency could be blacklisted as having been the source of massive junk e-mails. The volume of mail alone, he adds, “can put you down for at least a week.”

“I go to the point of being paranoid about letting someone borrow your computer for a second,” Hill states.

Sundermeier insists, however, that the fight against hackers and viruses is not a losing battle. New antivirus products are not only identifying viruses but are scanning “potentially malicious code.”

He adds that a firewall may not be enough to combat viruses, noting that users should also have an antivirus software application in place.


Reproduced from National Underwriter Life & Health/Financial Services Edition, September 8, 2003. Copyright 2003 by The National Underwriter Company in the serial publication. All rights reserved.Copyright in this article as an independent work may be held by the author.