ZDNet UK

CNET NETWORKS UK BUSINESS SITES:
atlarge.com
BNET UK
silicon.com
SmartPlanet.com
ZDNet.co.uk

ZDNet.co.uk - Winner of Best Business Website 2007

You are here: ZDNet.co.uk > News > Security

Security threats Toolkit

'Clean up this Internet effluent now'

Tags:
Viruses

Jason Curtis ZDNet Germany

Published: 07 May 2004 16:10 BST

We are losing the malware war. Conventional antivirus and anti-spam countermeasures seem ineffective against an increasingly sophisticated enemy. The argument is that server- and client-side solutions draw the battle lines far too deeply inside their own territory, robbing computing, bandwidth and other resources. What's more, their inherently reactive approach dooms IT staff to an endless cycle of patching and pushing out client updates.

E-mail security provider Messagelabs is taking the fight against spam and viruses elsewhere by offering proactive managed services that stop spam and virus threats at the Internet level, before they reach corporate networks and end users.

ZDNet spoke with Messagelabs chief technical officer Mark Sunner about current Internet threats, organised crime, and the latest trends in combating today's overwhelming flood of unsolicited mails and dangerous malware.

Within the last year, have you monitored an increase in the number and/or severity of Internet attacks? What were the hallmark features of recent Internet threat activity?
We've definitely noted an increase in overall traffic. I think the biggest trend we're seeing now is the increasing sophistication of the techniques used specifically in viruses. The sophistication is very much geared around subverting the flaws within traditional antivirus protection. Rather than obfuscating the viral code as in the past, virus writers are now changing the encoding techniques.

We've also seen social engineering being a factor as well, where virus writers are introducing a human element by putting malicious code in password-protected Zip-files and finding some route to encourage the user to then unlock the virus once it reaches the desktop.

The final trend that we're seeing is a new convergence between viruses and spam. Just to put a mark on that, 66 percent of the spam that we're now intercepting is coming from open proxies -- these are machines that have been infected with Trojans similar to those dropped with viruses such as Sobig, Fizzer or MyDoom. The use of large zombie networks is definitely becoming the en vogue technique of choice within the hard-core spammer community.