Learning from the Love Bug
- — 31 May, 2000 13:01
The game of cat and mouse between antivirus software and the dark underground of virus developers will continue, but that game keeps changing. Notably in 1999, macro viruses made up between 80 and 90 percent of all virus attacks. But so far this year, macro-based attacks are down to 60 percent, leaving room for script-based attacks such as the Love Bug to take over.
The ICSA is beginning to see some very sophisticated viruses that use extremely advanced and complex programming techniques, Thompson says. So far, none have been successful at becoming widespread.
Of course, antivirus software makers are equally hard at work. The future of successful antivirus software lies in more sophisticated analyses that detect viruslike behaviors before details are known, says Vincent Weafer, director of Symantec's Antivirus Research Center (http://www.symantec.com/avcenter) .
Future products will also incorporate "generic behavior blockers," Weafer adds. For example, an antivirus program might pop up a warning if your e-mail program starts sending out dozens of identical messages shortly after you open an e-mail attachment.
Film at 11
The Love Bug was one major media star. Even local television stations dropped their usual murder-and-mayhem stories to focus on hair-raising stories of dubious accuracy by self-proclaimed pundits. (I knew it was a big deal when my 83-year-old mother, who's never been near a PC, called me and asked if I'd been affected.) Asked how damaging the Love Bug was, industry experts fall back on the Carl Sagan approach, talking of billions and billions of dollars in damage. But no one has come up with any hard numbers, and most likely no one ever will. Businesses, the group on which the Love Bug took its biggest toll, have been especially tight-lipped.
Perhaps most striking to virus experts is how many people were tricked by the Love Bug. It's "mind-boggling" that so many people blithely double-clicked e-mail attachments from individuals they didn't know, says Finn of Unisys.
In business environments, the cause may be a simple "lack of education," he says. He adds that corporate managers need to have formal training programs that raise awareness by couching security in terms that are both "personal and practical."
But Finn also cautions the importance of not creating an atmosphere of perpetual crisis, which creates fatigue that can actually work against security.
And the ICSA's Thompson comments that while the corporate world learned a hard lesson from the Love Bug, he doesn't have high hopes that the public will remember for very long. After all, he says, "the Weather Channel has to keep reminding us not to drive through flash floods during a thunderstorm."