Old viruses shouldn't be thought of as dead and gone but merely lying dormant

Keeping up with the latest patches and virus threats is difficult enough, but security experts claim older viruses can still cause problems even if they aren't hitting the headlines anymore. Although so-called "legacy viruses" are slowly dying off, some old malicious code is still lying in wait to strike.

Alex Shipp, senior antivirus technologist at MessageLabs, says viruses often live on for months and years after they are initially detected. Statistics from MessageLabs on the day this piece was written show that Klez.H-mm, a worm first seen in April last year, is still doing the rounds and rates as the fifth most active in the preceding 24 hours.

Shipp explains that although most businesses will have patched their systems against old malicious code, home users are not so diligent -- providing the perfect breeding ground for legacy threats. "Older viruses are still out there and every so often they get into company networks again. It only takes one machine to be unpatched," he says.

Larry Bridwell from ICSA says these inactive viruses are analogous to fish thought to have disappeared from the seas. No one thinks much of them until "some fisherman in Madagascar pulls one out on a line."

Although some viruses are likely to burn themselves out because they're too destructive or the virus writer has written an expiry date into the code, some legacy viruses represent a threat to complex environments. "For a single user it's trivial. If you have a million machines in a number of different places then it's a complex problem to deal with," says Symantec's US-based senior director of Security Response, Vincent Weafer.

MessageLabs' Shipp claims that the antivirus industry has evolved and learned alongside its enemy -- so knowing what has gone before is vital to combating future attacks. He claims the same is true within companies, where processes for dealing with previous attacks, such as educating users about opening attachments, will help with the new threats. "I think we have been all learning as the problem goes on. You need to evolve your defence alongside the threat; things like partitioning off your network so a virus or worm can't spread across the whole company," he says.







