|
|
ONLINE FEATURES
Book Reviews
BW Video
Columnists
Interactive Gallery
Newsletters
Past Covers
Philanthropy
Podcasts
Special Reports
BLOGS
Auto Beat
Bangalore Tigers
Blogspotting
Brand New Day
Byte of the Apple
Economics Unbound
Eye on Asia
Fine On Media
Green Biz
Hot Property
Investing Insights
Management IQ
NEXT: Innovation
NussbaumOnDesign
Tech Beat
Working Parents
TECHNOLOGY
J.D. Power Ratings
Product Reviews
Tech Stats
Wildstrom: Tech Maven
AUTOS
Home Page
Auto Reviews
Classic Cars
Car Care & Safety
Hybrids
INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads | |
AUGUST 26, 2003
By Alex Salkever The Ever-Growing Virus Crisis [Page 2 of 2] It isn't much of an imaginative stretch to think of terrorists using these same tactics. The viruses are advancing rapidly from crude to cunning. In the SoBig worm, key sections of code were encrypted, forcing dozens of security experts to work around the clock just to understand what the virus had been programmed to do. "SoBig is not your average teenage kid writing code from his basement. This is professional and well executed," says Mikko Hypponen, director of antivirus research at security company F-Secure. At the same time, the number of attacks launched and software vulnerabilities reported are soaring. The World Wide Web is looking more and more like the Wild, Wild West, with peaceful settlers caught in the crossfire. LOCK-DOWN. Security experts have long considered home PCs with always-on broadband connections as the most vulnerable to attacks. This weakness is quickly growing into a gaping hole in the Internet's infrastructure. Belthoff and other antivirus experts estimate that, while many corporate, government, and university systems caught the worms, by far the largest percentage of infected machines belonged to home users unschooled in information security. Yet there finally seems to be a dawning awareness among Jane and Joe Home-User that it's a dangerous world out there, and they must keep their computers safe, much as they secure their homes and cars. Says the ISA's McCurdy: "The computer is not like a television. You don't plug it in and leave it. It takes constant updating and personal involvement in maintaining security." How to get millions of PC users up to speed has remained a thorny topic for some time. For the past year, Microsoft has been installing its operating systems with some of the paths that could be used by attackers turned off as a default setting. Now, grudgingly, the company will likely make the rudimentary firewall installed on all WindowsXP machines a default setting. SHOCK ABSORBERS. Then there's America Online (AOL ), which has launched an ad campaign touting its new tools to scan subscriber systems for vulnerabilities and provide them with antivirus software and firewalls to guard their desktop. Microsoft, likewise, put together a Web site to teach users how to lock down their machines by activating the firewall and using antivirus equipment. These moves are a decent start. But the battle to get home users to wise up about Web security has only just begun. Security experts estimate 5% or less of home users are running firewalls. A significant percentage of home users have installed antivirus software. But considering that SoBig caused this mess with only 500,000 machines and the number of PCs on the Net around the globe is in the hundreds of millions, there are still more than enough PCs without antivirus software to allow big worm and virus outbreaks. In this environment, the AOL approach of building protection into its subscriber software package has significant merit. Still, worms and viruses can sneak into even more heavily guarded corporate networks. So AOL and other ISPs surely will face the continuing threat of infection, and must educate the public of the threat. Security mandates may ultimately be the only way to go. For example, ISPs, cable companies, or satellite signal providers might require all users to have a live, updated firewall and antivirus software on all PCs in the house before being allowed to log into a continuous high-speed connection. And software makers need to look harder at their code in order to prevent hackers from exploiting weaknesses. While the Feds and security experts fought SoBig to a standoff, Microsoft announced two more flaws in their software that required patching. That could very well presage a long, tough year fighting worms and viruses.
 Salkever is Technology editor for BusinessWeek Online and covers computer security issues weekly in his Security Net column Edited by Douglas Harbrecht
BW MALL
SPONSORED LINKS
Buy a link now!Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | |
 Copyright 2003, by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Policy |
Printer-Friendly Version
