iApplianceWeb-iApplianceReview

Sponsor-Editors Sites
• iApplianceReview
• Appliance-Lab
• CyberNode Appliances
• VideoIP Services
• Energy Gateways
• Metering & Appliances
• Netcentric Community
• Techrite Associates

EETimes Sites
• EE TIMES
• EE TIMES ASIA
• EE TIMES CHINA
• EE TIMES FRANCE
• EE TIMES GERMANY
• EE TIMES KOREA
• EE TIMES TAIWAN
• EE TIMES UK

EETimes Network Sites
• CommsDesign
• iApplianceWeb.com
• Microwave Engineering
• EEdesign
• Deepchip.com
• Design & Reuse
• Embedded.com
• Embedded Edge
• Elektronik i Norden
• Planet Analog
• Silicon Strategies

• Byte
• ChannelWeb
• CMP
• CommWeb
• Com. Convergence
• CRN
• Conferences and Events
• DB2
• Dr. Dobbs Journal
• DV.Com
• EBN
• EBN China
• eeProductCenter
• Electronics Express
• Electronics Express
• Internet Week
• Network Computing
• Network Magazine
• NetSeminar Services
• QuestLink
• TechWeb
• VAR Business
• Windows Developer

2003: Tough fight against cyber-worms, viruses, trojans

By Gregg Keizer, TechWeb News
iApplianceWeb
(12/31/02, 12:38:03 PM EDT)

IT managers should brace themselves for a tough 2003 fighting the world's virus, worm, and Trojan horse writers, according to predictions made Monday by security expert Roger Thompson, the author of the WormWatch Web site.

Thompson, also the technical director of malicious code research at TruSecure, predicts that 2003 will be more difficult for security pros than 2002.

“At some point [in 2003], we'll get another serious smack up side the head,” Thompson said. “We're ripe."

Although home users and small businesses remain vulnerable to malicious code delivered via e-mail -- Bugbear and Klez were 2002's biggest -- Thompson noted that mass-mailing Win32 worms were essentially unsuccessful in damaging corporations in 2002, unlike the previous year, when notorious worms such as Code Red and Nimda wrecked havoc globally.

“The day of the e-mail worm is largely done,” he said, in large part because companies are filtering their incoming e-mail and, more importantly, simply saying no to executable attachments, the delivery system of such worms. “When the majority [of corporations] start doing things like this, it helps all of us enormously.”

And that's what he's afraid of during 2003.

“I have no doubt that the bad guys are saying, 'look at e-mail defenses,' and making adjustments,” Thompson said. That trend is already evident. One of 2002's most dangerous worms, W32.Opaserv, doesn't even have an e-mail component.

Thompson is convinced that 2003 will see an attack on the level of 2001's Code Red. What shape it takes is unclear, although he points out that worms such as SqlSpida have been successful at finding weak SQL servers. His WormWatch page, in fact, cites SqlSpida as December's most potent worm.

Rather than worry about threats coming in on the back of e-mail, corporations should look internally to secure their networks and computers.

“They need to pay attention to the inside of the networks, harden it that so when something does get in, it can't spread.” Among Thompson's solutions: configuring the company's PCs by turning off unnecessary services and changing shared-level passwords.

“What I really worry about is that people are still thinking of shoring up e-mail defenses,” he said, adding that security pros should not relax.

“Who knows with these guys [malicious code writers]? If it's not another Nimda, it will be something along the lines of one,” said Thompson. “They can shoot us any time they want. They just gotta want to.”

For more information about the issues, products and technologies mentioned in this story, go to the iAppliance Web Views page and call up the associatively-linked XML/Java Web map of the iApplianceWeb site and search for product information since the beginning of 2002.

For technical article coverage, go to EETimes In Focus maps on the same Web page and browse or quickly search for all articles on a particular topic since the beginning of 1998.

These Web Maps can be browsed by date, by category, by title, or by keyword, with results displayed instantly either as a list of possible hits or with the specific Web page.