ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Network management Toolkit

Resistant virus strains to hit the Net?

ZDNN, US ZDNet US

Published: 15 Jun 1999 08:04 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

"We seem to have a Darwinian evolution of viruses going on," said Abner Germanow, an analyst at International Data Corp. in Framingham, Mass. "The viruses are becoming more powerful." While Melissa, which struck in March, spread fast, it was merely an annoyance for most companies. And, the April attack of CIH (sometimes called Chernobyl) did a great deal of damage, but the virus took more than a year to spread.

But the ExploreZip virus is sort of a digital platypus. It combines features of its two predecessors, using e-mail to spread like Melissa and deleting files like the malicious CIH.

That makes ExploreZip a whole lot deadlier. Not only does the virus spread more quickly, but its method of wiping out files is more effective than CIH, said Greg Olson, operations manager at data recovery firm Ontrack International Inc.

Unlike CIH, which deletes the file allocation table -- the road map to the files on the disk -- in the first 1MB of the hard drive, ExploreZip creates a file of zero length and then names it the same as an existing Word, Excel, PowerPoint, C or C++ file, essentially overwriting the original file. "Recovery is more difficult than (with) the CIH virus," he said. "But in most cases, we've been able to recover at least some of the data." The company has had more than 100 customers call for services, with an average of 50 PCs downed per company.

That means that the majority of the companies hit by the virus have lost at least some data.

Network administrators at game company Electronic Arts Inc. worked late Thursday and part of Friday last week to recover data from system backups.

"We back up to tape every night," said Vicki Gordon, director of operations and networking for the game publisher. "About a quarter of our users lost a day or so of work. Those not on the backup service lost all their documents."

But a more subtle form of evolution is in the virus' packaging. Wrapped in an e-mail seemingly from a known user, ExploreZip is camouflaged, which helped it gain entry into the networks of Microsoft Corp., Intel Corp., Boeing, AT&T and other major companies.

"The social engineering on this virus is astounding," said David Perry, researcher with anti-virus firm Trend Micro Inc. All viruses in existence today need the user, or someone in the user's workgroup, to act in some way -- usually to open an e-mail attachment. That's what so-called social engineering is designed to do. Increasingly, the package in which the virus is embedded looks respectable enough to fool users into opening it.

These sorts of evolutions are not new, said IDC's Germanow. "It's not so much the start of a trend, but the continuation of one that has been there for a while," he said.

It's survival of the fittest in the digital world. Seeing their futures tied to that simple concept, companies are beefing up their Internet security and policies. With three major virus incidents slamming Internet-connected companies in the past four months, these companies are taking Internet security more seriously.

Electronic Arts, for example, is sitting down for a heart-to-heart with its anti-virus software provider, said EA's Gordon. "The virus was first discovered on Sunday," she said. "We didn't find about it until Thursday. That's a problem." Many, however, are responding in the wrong way, said virus expert Rob Rosenberger, Webmaster of the Computer Virus Myths Web page. "Companies are starting a trend of precautionary shutdowns," he said. "They are not aware of what their users are doing on the Internet, so when they encounter a virus, they shut down just to make sure."

With companies finding out the hard way the value of their information, those sorts of shutdowns may only increase. But IDC's Germanow points out that such a solution can be as bad as the problem itself.

"As little as two years ago, if e-mail went down for two hours, it wasn't a big deal. Today, it's enormous."

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
29 out of 66 people found this useful


Full Talkback thread

0 comments


Company/Topic Alerts

Create a new alert from the list below:












Related Jobs

McAffee Anti-Virus Rollout Engineer (Field Based)

My West Midlands based client has a requirement for 2 Engineers to rollout McAfee Anti-Virus on to 600+ desktops at multiple sites throughout the ...

McAffee Anti Virus Rollout Engineer CRB Cleared

I have an urgent requirement for a McAffee rollout Engineer to start Monday 28/07/08. The roll is 1 month rolling and is paying 9 / 10 per hour The ...

Senior Support Engineer- London- 40-47,000

A leading media company are currently looking for a Senior Support Engineer to come and join their team based in the heart of London. This is an ...

Featured Talkback

Could it be that ISP’s are making this out to be a bigger problem than it actually is? We’re a small country with an internet penetration of less than 60%, for every Youtuber there’s someone who only uses the internet to check their emails, more people surf on their mobile handsets than a few years ago. Surely things should even themselves up.

By: harpless

Read full story:
Unlimited-broadband offers to go 'within a year'

On The Road Blog

Mobile Security Expert: Your Camera Ph...

Mobile Security Expert: Your Camera Phone Got Hacked Author: Eric Everson, Founder MyMobiSafe.com Have you ever heard someone say “I’d like to be a fly on the wall in that room.”?... More

Post a comment

Eee 1000 + iPhone 3G = the ultimate mo...

Having left the comforting bosom of ZDNet.co.uk to strike out on my own as a freelance journalist recently, I found myself contemplating a shocking truth – I was going to have to shell... More

Post a comment

Think Your Skype Call is Secure? Read...

There is growing, and credible, speculation that Skype has built in a back door to allow monitoring of SKype calls. Heise Online has a good article about it. So, what we have now... More

Post a comment