Computer viruses could move into biological realm, researchers say
Attacks based on designed viruses could interest bioterrorists
IDG News Service - Computer hackers could create malicious software that crosses the line from technology to biology, crafting viruses that could spread dangerous epidemics, researchers said at Black Hat Europe.
"We are really on the border between the living and the not living," said Guillaume Lovet, senior manager of Fortinet's Threat Research and Response Center, during a keynote speech discussing the similarities between biological and computer viruses. Fortinet was the main sponsor of the Black Hat Europe security conference in Amsterdam last week.
The comparison between computer and human viruses was made to give security researchers a better understanding of why the human immune system is so much better in battling viruses then antivirus systems.
"We came to wonder if there can be some kind of convergence between human viruses and computer viruses," Lovet added. "It may sound like a scenario for a bad Hollywood movie, but it is not such a stupid question."
One of the main things that led Fortinet researchers to that conclusion is the similarity between computer and human viruses. In essence they behave the same way, including information coding for parasitic behavior inside a host system.
Reasoning along this line of thought, a Denial of Service (DoS) attack can be compared to HIV (Human immunodeficiency virus), because both aim at overloading a system, said Ruchna Nigam, security researcher at Fortinet.
There are other comparisons between computer viruses and HIV. HIV attacks the immune system, making humans more vulnerable to certain diseases. Computer viruses such as W32/Sality also use this strategy, terminating antivirus programs and setting a malicious program as an authorized application to bypass Microsoft's firewall.
The researchers also pointed out that both humans and computers infect themselves. A human visiting a doctor and getting an infection is not an unthinkable scenario, Lovet and Nigam pointed out. Likewise, computers can get infected by visiting a website and downloading a so-called drive-by download -- malware that is embedded in the site that tries to install itself on computers.
"This is how the ZeuS Trojan built a botnet of an estimated 3.6 million hosts in the USA alone," noted Lovet and Axelle Apvrille, another Fortinet researcher, in a research paper.
Biological viruses, such as the influenza virus, are also known to change upon replication. When viruses replicate "they mutate themselves," Nigam said. This behavior is comparable to the way the Conficker and Koobface viruses work. It's a nightmare for security analysts, because every replicated sample is significantly different from its predecessor. This can render antivirus signatures, designed to detect malicious viruses, close to useless.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts