Watch out for data diddlers, says UK-based virus expert Ian Whalley.
Viruses such as the Word macro virus and more recent Excel spreadsheet viruses are part of a continuing trend of nasties emerging in the user and application space rather than the operating system.
There are always plenty of biological metaphors bandied about at virus conferences and this week's Cheyenne-organised seminar in Auckland was no exception. But Whalley, editor of the Virus Bulletin, takes it a step further. He says that macro-type viruses not only replicate but mutate and pick up pieces of code from other similar viruses during replication.
Whalley has traced virus developments over the past 10 years, from the first reported virus (developed to gauge software piracy by Basit and Amjad Farooq Alvi in Pakistan in 1986) to the more than 10,000 known viruses of today. Most of these, he says, are relatively benign, but among the 225 or so viruses that exist in the wild there are some with the potential to wreak massive damage.
Whalley says that of the 10,000, 90% infect EXE or COM files, 5% are boot sector and 0.5% are macro viruses. But in the wild the situation is different, with boot sector viruses logging 67% of reported cases and macro viruses at 18%.
Whalley says the best way to avoid viruses is to not have a computer. However, he believes that people need their silicon friends and if you have one, you are vulnerable because "no computer is an island".
He says integration of the virus detection and backup policy and system is vital and that, properly speaking, virus detection is a part of network security.
Whalley says recent research indicates virus writers are not so much the cliched chided youth drinking Coke and eating pizza, but professional programmers with a considerable degree of skill, and he says the teaching of ethics in computer education and training is lacking. He says that often virus writers and hackers do what they do because it doesn't seem real--it seems to happen in a virtual rather than real environment.
According to Whalley, there is an organised virus writing underground and he cites the Australian-based VLAD group as an example, though he says there may be signs that this group is breaking up or changing.
David Thrum, Australia and New Zealand Cheyenne country manager, says his company is about to release a survey of the Australian and New Zealand virus scene.
"While we expect to see certain parallels between the market worldwide and the Australasian marketplace," he says, "there are already certain unique features which are apparent in the survey results in this region."
Thrum emphasises the importance of integrated client and server solutions in avoiding and curing virus attacks and says modern products offer sophisticated remote detection and notification options, including telephone messaging.