PCs are actually safer today than they were four years ago, when the first batch of mass mailing viruses -- such as LoveBug and Melissa were introduced.
The Sasser worm is spreading quickly, automatically infecting Windows systems that are not protected by Microsoft's latest patches. Similar to the Blaster worm that hit last August, Sasser uses a known defect in Windows that allows it to scan for other vulnerable machines without any intervention from the user.
Antivirus firm Panda said that companies are running for cover as all four of Sasser's variants charge up the company's "top ten" most detected viruses chart. According to Panda, Sasser has infected a third of the Taiwan postal service's computers, and the UK Coastguard has reported that its network is under attack from the worm.
Antivirus firm Sophos' senior technical consultant Graham Cluley said new laws have also helped, which means it's harder for the bad guys to get away:
"More countries have introduced computer crime laws," said Cluley, who pointed out that the author of the LoveBug virus, a student from the Philippines, was never prosecuted: "He got away scot free because the crime laws in the Philippines were not strong enough."
Ben Nagy, senior security engineer at eEye, the company responsible for discovering the Windows vulnerability exploited by the Sasser worm, agrees that virus and worm writers are much cleverer than they were four years ago: "Four years ago, your average hacker may have been able to exploit a simple stack-based buffer overflow, but now we are seeing exploits that require a deep understanding of the Windows architecture," he said.
And although virus writers have improved their skills over the past four years, so has the security industry. This means users are actually much safer -- as long as they keep their security software updated. Nagy said the main problems are caused by a lack of patching, not because attackers getting smarter.
"People need to understand that although these exploits are hitting known vulnerabilities, they are not being patched in time because users are not yet accustomed to thinking in that way -- they always want to put it off till tomorrow," said Nagy.
Sophos' Cluley said that although Sasser does not require user intervention to spread, the vast majority of viruses spread because users continue to click on attachments.
"Four years ago, LoveBug didn't rely on any Microsoft vulnerabilities, it relied on the bug in people's brains -- and I don't think we have upgraded enough people's brains yet. If an attachment's name is attractive enough, a large percentage of people will still click on it and get infected," he said.
In order to post a comment you need to be registered and logged in
Log in or create your ZDNet UK account below
By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Membership FAQ
Apple are currently pushing to get tv content on the iPad by April 3rd. This could possibly be seen as a spoiler for that announcement I suppose....
12 hours ago by John Molloy
Hey - presume you mean something that builds on Apple's existing TV device? Apple have already had a couple of runs at building Apple TV and it's...
18 hours ago by Andrew Donoghue on Google's TV timing may reveal more to come
Google, Sony, Intel may build TV project www.zdnet.co.uk/news/emerging-tech/2010/03/18/google-sony-intel-may-build-tv-project-40088359/
19 hours ago on Twitter by BVE2011
70,0000 to 90,0000 computers? A very small number considering some of these botnets are in the millions, and there are so many of them operating,...
20 hours ago by ator1940 on Microsoft says it decimated Waledac botnet I agree Roger, and why can't they write secure code? What will happen when they find stolen code in windows? They have a track record of...
20 hours ago by ator1940 on Microsoft lashing out at Linux, open source Do you think it will really take days?
20 hours ago by ator1940 on Microsoft previews Internet Explorer 9 with HTML 5 support
Wonder how many days it will take before somebody codes an exploitive hack for IE9?
1 day ago by Xwindowsjunkie on Microsoft previews Internet Explorer 9 with HTML 5 support
There are some really good people in Microsoft and I wonder, how embarassing it must be for them to see how the organisation behaves from it's...
2 days ago by roger andre on Microsoft lashing out at Linux, open source
Great new look for ZDNET UK web-site http://bit.ly/9R5eAA to check it out @ZDNetUK #zdnet
2 days ago on Twitter by ajclarke
Microsoft previews Internet Explorer 9 with HTML 5 support - zdnet.co.uk http://bit.ly/9FSh23
2 days ago on Twitter by feedfrog
We were just pondering on when IE will get HTML5 and CSS3 onboard! this is excellent
2 days ago by kencogold on Microsoft previews Internet Explorer 9 with HTML 5 support
RT @suziedaniels: relaunched www.zdnet.co.uk raises the bar yet again! its so fast it makes my eyes bleed.
2 days ago on Twitter by riptari This is brilliant - I borrowed one and straight away saw that a few AP`s were set up to the wrong country. It gives interference levels on each...
2 days ago by Bob Preece on Fluke Networks AirCheck Wi-Fi Tester
http://www.zdnet.co.uk/news/networking/2010/03/11/european-parliament-votes-down-acta-treaty-40085614/ (Where does this leave #Debill?)
2 days ago on Twitter by _SimonArnoldme
relaunched www.zdnet.co.uk raises the bar yet again! its so fast it makes my eyes bleed.
2 days ago on Twitter by suziedaniels
Redesign complet pour ZDNet UK et AU, Twitter au centre http://www.zdnet.co.uk/ http://www.zdnet.com.au/
2 days ago on Twitter by eparody
RT @eparody: Redesign complet pour ZDNet UK et AU, Twitter au centre http://www.zdnet.co.uk/ http://www.zdnet.com.au/
2 days ago on Twitter by cdutheil
Sharepoint 2010 in photo's http://www.zdnet.co.uk/reviews/communication-and-collaboration/2010/03/04/sharepoint-2010-screenshots-40070577/
2 days ago on Twitter by gerardvFor multi-store outlets, including retail, banking, grocery, gas, hospitality, convenience stores and others, reducing (or avoiding) the cost of in-store system support and maintenance while maintaining compliance with PCI and other requirements has become a strategic challenge.
Speaker: Dr. Chenxi Wang, Principal Analyst, Security and Risk Management, Forrester Research, Inc. As Enterprises are increasingly connected to the Internet and as hard organizational boundaries are fast disappearing, security professionals are facing fresh challenges in Enterprise computing.
This tutorial is for new MindManager users and teaches you how to get started, by creating maps, reading maps and organizing your information.
Talkback
This article consistantly confuses The Lovsan worm with the I LOVE YOU one. Lovsan is another name for MSBLASTER
5 May 04 02:20 ReplyAdam, thanks for pointing that out - the article has been corrected.
5 May 04 09:57 ReplySorry this will be a bit long-winded guys, I just want to get my point across, thanks for being patient with me.
7 May 04 00:21 ReplyI totally agree that users brains have got to be upgraded. I've been using a computer in one form or another for about 30 years and I have my own antivirus software. I run two, a free one and Norton 2002 and always run updates. Also I run 98SE so I don't get hit so often. Also my ISP runs it's own antivirus software and is 99.99% effective.
I'll give you an example about users brains ... on Sunday my hubby was at a friend's house when he got a txt message. It was from a neighbour wanting to know if I could LEND her daughter my antivirus disc ... a big no-no with me. I install software & build machines I do not lend software out. I offered to go round with a copy of AVG for her but was turned down ... the set-up programme is on a CD which will never get collected now because they went out & bought their own disc on Tuesday ... nice of them to let me know. I think users should also have their brains upgraded with a set of decent manners as well, don't you?
Anne
If we upgraded "users' " brains we'd be a whole lot better off.
7 May 04 12:57 ReplyJust as we don't rely on people just not speeding or driving with alcohol, we shouldn't be relying on users being smart with their computers.
I have users here who have studied law for 10 years yet come to me to get their Windows bar realigned when it "completely out of itself" moved to the top of their screen.
The entire world would be a much much better place if everybody could rely on each other to do the sensible things (we probably wouldn't even need laws).
This is not news, this is a well-known frustration of every sysadmin.
Besides, on the problem of (not) patching: I've patched our Windows servers dozens of times, but each and every time I do it, Microsoft turns out to have a few little undocumented suprises up it's sleeve, twice (I know of) even resulting in our entire industry not being able to do our jobs correctly for weeks, and always resulting in some functionality changed or abolished.
So our Operating Systems need to be secure and reliable, but so do our patches, Bill.