Dealing with continuing virus threats
1st March 2004 (Computimes)
By A.SHUKOR RAHMAN

IT must have been a busy week for "IT guys" around the country (and the globe, for that matter) as they rushed around to beef up the defences of their corporate networks against the never-ending attacks of unwanted (and uninvited) little programs generally called computer viruses. The latest to grab attention and cause concern is the Mydoom.F worm.

I suspect many of the IT guys were having a major headache of cleaning up the mess left by the viruses that managed to slip into the environment - most of the time through e-mail attachments.

I guess the poor IT guys also had to receive an earful "lecture" from the top management for "not doing enough" to prevent such incidents from occurring. This is in addition to the endless complaints from the end users on missing files and crippled computer systems. Never mind the fact that most of the time, the end users are the ones who actually "brought" in the virus - by merely clicking on those attachments that carry (or infected with) the virus.

Then again, isn't it human nature to always put the blame on someone else whenever bad things happened? Anyway, what this shows is that users, at all levels, play an equally important role as those "techies" in protecting their networks against any threats coming from outside.

Indeed, the e-mail is a very useful tool, but at the same time, it is also a major link that make networks vulnerable to attacks.

The battle never ends. New viruses keep coming. Sometimes I wonder... don't these smart programmers have anything better to do? Can't they put their extraordinary talents to better use by creating something that is actually beneficial to computer users worldwide?

Perhaps, the technology will continue to improve, coming to a stage where it will be impossible for any malicious code to slip through the security screens and filters. Then again, I guess this is just wishful thinking.

Given the fact that viruses are designed to exploit flaws in the current technology to get into systems and mass-propagate themselves, the threat will remain.

Let's delve into some statistics. Those provided by the National ICT Security and Emergency Response Centre (Niser) available at the site www.niser.org.my, reveals an upward trend in the number of reported incidents.

In July last year, the number of reported incidents were 419. The numbers came down to 349 in August, but went up to 520 in September, 704 in October, 635 in November and 721 in December.

The "momentum" carried on into this year with 856 reported incidents. Spam incidents topped the list at 640 followed by system intrusions at 164 and virus attacks at 16.

Of course, these numbers do not tell us anything about the seriousness of each incident. For example, we would not know how many systems were affected by one particular security breach incident or how much damage it inflicted on the users.

In addition, I believe the figures represent only a fraction of the real number of incidents as not all victims reported them. In fact, most users (especially those in the corporate sector) try hard not to let others know about any "system break-in" in their set-up.