My last opinion piece (Winning the Virus War - But When? July 31, www.infosecnews.com/opinion/2002/07/31_01.htm) resulted in some (positive) responses, for which I’m grateful.
However, it was pointed out to me that in the war against the new breed of intrusive and malicious code variants, I omitted to mention or emphasize the potential threat of web site use, or the danger that surfing can pose for users.
Viruses propagated and spread in this manner need to be eradicated too and can by no means be relegated to the insignificant list of "it's a limited threat so forget it" syndrome. As we've seen, anti-virus solutions per se do not cover every eventuality and need to be carefully supplemented with additional security precautions, such as solid policy management and content checking tools.
The dangers are real, but the solutions are there, so we need to make a concerted effort, one and all, to ensure we provide as secure and clean an environment as possible. If by rallying the troops we beat the attacks in their infancy, then the spread will be minimal and the effects will be inconsequential. The virus writers, many of whom have little or no real talent for coding, will either stop because the battle is futile, or rise to the challenge with further assaults, but they'll need to learn their 'trade' and develop some genuine skills before they can come up with new and more distinctive variants. Either way, the developers of our security solutions will be kept busy. On the lighter side, some of the virus writers may even turn away from the 'dark side' to assist in the war and get paid for it, assuming they aren't already behind bars for their sins.
There is of course one other 'breed' who needs educating: the 'home user.' Hours of surfing and, for many, not a single AV solution in sight, no content scanning and certainly no filtering of any form whatsoever! Is it any wonder then that the war is ongoing? Some responsibility needs to be taken, either by the government for its inability to properly educate, or our schools for not pushing the subject of computer security home a little harder. Whoever we blame, one thing's certain, we are not exonerated from this hit list: Who have you educated lately?
Certainly AV products are shipped as standard with many home PC systems, but how many people actually update their machines regularly or even register the products? Without this problem being addressed, the corporate entities will always be at greater risk as the spread of viruses continues. ISPs also need to get their house in order; if you've ever been cut off midway through a download of the latest AV update you'll understand where I am coming from. It is not only frustrating, but may actually be deterring people from making regular updates, which of course is a slippery slope and one to be avoided. This war requires troops to be drawn from every quarter if we really want to win it.
Believe it or not, many home users simply have no concept of how a virus can infect their machine or how it subsequently spreads, and if they do - do they care? Come to think of it, many of these 'home users' are your employees. They don't need to know the difference between a Trojan and a worm, or any other form of malicious code; what they need to know is why they need to help stop their spread and how. Spending a morning going through security issues with staff could yield some very satisfactory results, and not just for your company. Heard the saying "what goes around comes around"? Well, if you educate your workers they are less likely to open suspicious email or go to dodgy web sites, both at home and in the office. A wiser user is a safer user, and slowing the propagation of this type of code will benefit the corporate world in the long run. Spreading the word as fast as 'ILoveYou' may start the ball rolling, get the message across, and yield some very positive results.
So maybe two things need addressing. First, it's not just email that propagates the spread and infection of malicious code. Second, education is not a luxury but a requirement. Viruses and all malicious intent, whether email or Internet based, are a form of cyberterrorism. If we are to take it on we need to do it together - united as one, no matter what part of the world we live in.
Cyberterrorism has no boundaries and can strike anywhere and at any time. What we let go today may provide the ammunition to stage a major assault tomorrow. It could be a school, a government office or the economy that's targeted, and it could impact on families, our administration, or our pockets, so it's time to act. But don't be fooled, we are not blameless here. Apathy has its reprisals and no protection means we are fuelling the problem. We are the ones who have consistently been guilty of propagating viruses.
Who me? Yes us!
Jayne Parkhouse is reviews editor for SC Magazine (www.scmagazine.com).