Cheswick: Viruses primed to be more complex, vicious
Computerworld Australia -
SYDNEY -- Viruses and worms are primed to become more complex, vicious and dangerous as the days of quick and easy exploits come to an end thanks to Microsoft Corp.'s efforts to finally lift its game.
Speaking at the Auscert conference in Queensland on Monday, former Bell Laboratories researcher, IT security author and founder of IT security company Lumeta Corp. Bill Cheswick said improved security will force malicious code writers to construct more complex wares that will either circumvent or push conventional defenses such as antivirus software and firewalls to their limits.
Cheswick said recent examples of malicious code that hadn't necessarily escaped into the wild were generally becoming more time-consuming and difficult to safely replicate or fix..
"Virus emulators are slowing down. This game is not going to end nicely. ... What happens if there is a virus you cannot defeat [before it cripples the Internet]? The spooks [defense and information warfare specialists] worry about viruses with their own compilers," Cheswick said.
Despite the new threat, Cheswick said Microsoft was doing its best to remedy the way it builds security into its code after some 20 years of less-than-perfect versions.
If there was doubt about Microsoft's capacity to deliver secure computing, it wasn't reflected by way of lack of interest in the head of the company's Security Response Center, Iain Mulholland.
Mulholland backed Cheswick's assessment of more complex exploits starting to appear, saying that he was seeing "a commodity market being built that buys and sells exploits and vulnerabilities," which he likened to "the next big thing after the dot-com boom".
"The low-hanging fruit is gone. Some of the exploits we are seeing are very complex," Mulholland said.
Mulholland said that while holes were being discovered far more frequently than monthly patch releases, Microsoft was concentrating on getting the best possible quality out of its security updates so that more problems weren't caused by the patches, Mulholland said.
Not everyone was convinced. One delegate, a government IT security manager who requested anonymity, criticized Microsoft's current patching regime. He said software updates could potentially be hijacked by diverting the IP address -- resulting in possible infection by Trojan horses.
Mulholland countered the allegation by saying that code downloaded from Microsoft was "intentionally very brittle" and that authentication by way of "baked in certificates" was there to protect users.
Reprinted with permission from
Computerworld Australia
For more news from Computerworld Australia, visit its Web site. Story copyright 2006 Computerworld New Australia. All rights reserved.Security
Additional Resources



White Papers & Webcasts
Share our Strength
Download Now
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Top 10 Things to Know about Data Protection
Download Now
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Ponemon Study: The Business Risk of a Lost Laptop
Download Now
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Airport Insecurity: The Case of Lost Laptops
Download Now
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
