Virus protection vendors crying wolf?

Some viruses and worms get more than their fair share of publicity and may cause unreasonable panic among users, says security specialist McAfee's Anti-Virus Emergency Response Team (Avert).

Some viruses and worms get more than their fair share of publicity and may cause unreasonable panic among users, says security specialist McAfee’s Anti-Virus Emergency Response Team (Avert).

It cites the latest rumours being spread about the danger of the Pokey or Pikachu virus, which Avert says presents in reality a very low risk.

The team lays the blame at the door of “certain [virus protection] vendors” (unspecified), which it says are “hyping viruses that are not a real threat to the computing community.

“This disturbing trend negatively impacts the credibility of the entire industry and is causing the user community to unduly react to viruses that pose little threat….

“If this ‘crying wolf’ trend continues,” Avert says, “users may not act quickly when the next legitimate outbreak occurs.”

Ric Byrnes, a senior support manager in Sydney for McAfee parent NAI, points to the danger of organisations shutting their systems down in face of a virus threat and damaging their businesses when such a reaction is not warranted.

NAI/McAfee was first aware of the Pikachu virus in mid-June, and developed protection against it, but has never seen it in the wild, he says. He cannot account for the sudden rash of publicity about it more than two months later.

The virus makes itself evident with a graphic and text related to a Pokemon character called Pikachu. It alters the Autoexec.bat file to make it delete crucial system files; but the deletion only comes into effect if the machine is rebooted before the virus is removed and the file corrected. The virus also emails itself to other people in the original victim’s address book; a feature it shares with recent well-known viruses Melissa and the Love Bug.

Virus expert Jim Baltaxe, at Victoria University agrees that "maybe there is a bit of self promotion" among the vendors of anti-virus packages in spreading virus stories.

"But on the other hand, viruses are always around, and very easy to catch without protection. We're between a rock and a hard place on this question. You'd have to be rather stupid these days to leave yourself wide open.

"Yes, the 'crying wolf' aspect worries me. People should not panic. Many viruses that do spread don't discharge their payloads." There are sensible precautions like a good virus-checker with its definitions kept up to date, "and frankly I'd say avoid using [Microsoft] Outlook; avoid subjecting yourself to the atrocious level of security that is in many of these Microsoft products." Users should turn off automatic opening of email attachments and automatic execution of macros. But the first and most important line of defence, Baltaxe says, is to have data and programs regularly backed up.

Meanwhile, Microsoft has issued an update to its email security to deter viruses such as Love Bug and Pokey from infecting and spreading. The amendment “prevents users from accessing several file types that contain executable code, when sent as email attachments,” a Microsoft bulletin says.

A dialogue box now displays when a program attempts to access the Outlook address book. The default security zone setting in Outlook has also been raised.

Join the newsletter!

Error: Please check your email address.
Show Comments
[]