Complacency - not complexity - the killer in IT security

Complacency - not complexity - the killer in IT security

Complacency on the part of the user, rather than the sophistication of code sent by virus writers, remains the main threat to IT security.

A report published by anti-virus software vendor Sophos on virus activity for the first six months of 2003 highlighted the fact that a number of viruses had "over-run", meaning that they were still being widely reported more than a month after they had been identified.

According to Paul Ducklin, Sophos' head of technology, Asia-Pacific, viruses that appear in a monthly top ten should not appear in a top ten list again, given the fact that in subsequent months, its detection and prevention should be routine. By that token, a virus that has been around for six months and has featured in the top ten in each of those months, has "over-run" its quota by five months.

"It is complacency in the greater computing community, more than complexity or cleverness on the part of virus writers, which remains our biggest concern. What the six-month roundup suggests is that the best average over-run figure we can expect is 2.2 months for viruses which make the Top Ten. So, even after allowing these viruses a month of grace (which is probably quite generous, given that daily - even hourly updates are quite normal these days), we are looking to experience trouble with them for nine more weeks."

"After a month," continues Ducklin, "it's increasingly difficult to blame your anti-virus vendor, or your ISP, or the operating system, or even your IT manager.  We all need to keep on the ball in order to reduce those nine extra weeks of opportunity that today's viruses seem to enjoy."

Variants of the Bugbear and Sobig worms that had only been in circulation for a month were placed at first and second in the top ten most frequently occurring viruses, illustrating that even fairly plain viruses, without the type of buffer overflow attack used by the Nimda and Slammer viruses, can still cause widespread problems quickly.

Meanwhile, teeny pop punk Avril Lavigne would appear to be the virus celebrity of the year so far, with two Avril worms accounting for 5.5 per cent of virus reports. Surprisingly, the Igloo worm, which promised unauthorised photos of Shakira, Sandra Bullock, Catherine Zeta Jones and Sarah Michelle Gellar, failed to chart.

Related Article:

New variant of worm Zipping around the Net

Business Solution: