Tech Features

At Cebit, experts say war against viruses could be lost

By Andrej Sokolow Mar 17, 2007, 14:22 GMT

Hanover, Germany - The war against computer viruses may no longer be winnable, with criminals and espionage agencies spreading their attacks, experts are warning at the world's biggest computing fair.

'If the growth in malware continues at the current pace, makers of anti-virus software may not be able to withstand the onslaught,' said Eugene Kaspersky, the respected Russian expert on computer security, in a speech at the Cebit expo in Hanover, Germany.

His company, Kaspersky Lab, offers a minute-by-minute update on its website as new malware - a broad term covering viruses, spam, phishing and other methods of taking control of digital devices without permission - is discovered.

His Finnish rival, F-Secure, says that on a bad day, its servers receive from customers 40,000 copies of files suspected of evil intent.

'How can we deal with this avalanche,' asked F-Secure chief research officer Mikko Hypponen, whose company has developed software to not only pick out known malware but also to automatically hunt for software doing anything suspicious.

'This is not just a battle between manufacturers of security software and some internet criminals. It is a war between good and evil,' declared Hypponen, who was recently credited by a US magazine as being one of the 50 most influential people on the internet.

Computer security experts have regularly warned down the years that no one is completely safe, even if anti-virus advertising suggests that consumers can rest easy if they buy such products.

At Cebit, it is plain that there are leaks in the dykes built by Kaspersky, F-Secure and other anti-virus companies.

For a start, there is the sheer size of the onslaught, with the volume of malware growing last year by a factor of 2.5. Kaspersky predicts comparable growth in the course of this year.

'I would propose a sort of internet Interpol, he said, referring to the UN organization where police swap wanted data. Soon, no single suite of security software may be able to cope in this 'spooky arms race' against unseen attackers.

Another weak point on the good side is the innocence of humans, which attackers are learning to exploit in ever more devious ways.

A new trick involves sending people what appears to be an everyday invoice, for example for their TV licence, with an exaggerated amount. That makes people angry, and anger makes it easier to believe the e-mail really comes from a public institution.

They click on an attachment that appears to be a PDF file, a common format for sending printed documents with e-mail.

Unfortunately the file is really a trojan horse: a form of software that steals account details and passwords or creates a zombie computer that distributes spam under criminal control.

'We are dealing more and more with a worldwide industry that employs thousands of people,' said Kaspersky. 'I would not be surprised if they had greater turnover than the total sales of the security-software sector.'

Hypponen pointed out that a spammer can live comfortably if just one in a million spam mails scores a sale.

Malware packages are being freely offered for sale on the internet for several thousand dollars apiece and some suppliers will write malware to order. Cyber-criminals even offer for rent the squadrons of zombie computers they control.

Unwitting home and small office users are providing the actual computers, electricity and other costs.

The kings of spam, believed to live in China, Russia and Latin America, allegedly earn millions of dollars from the practice.

Virus writers also gain an advantage from the fact that there are no national borders in the internet. Police cannot work cross-border.

'In Europe, you are not worried about Brazilian car thieves getting away with your car,' says Hypponen. 'But attacks on your computer could come from anywhere on earth.' In poor countries, the temptation to mount such profitable attacks is all the greater.

'These people are paying programmers the kind of salary that I could never afford,' says Natalya Kaspersky, chief executive of the Kaspersky company. That attracts talented young people to the 'evil side.'

Hypponen says malware, formerly the domain of amateurs, has been dominated by criminals since 2003. Since last year, the cutting-edge malware appears to have been the work of espionage agencies.

Software engineer Kaspersky says he worries about campaigns to increase computer use in emerging and underdeveloped economies.

'At the moment, practically none of the malware is coming from Africa,' he said. 'If Africans began to join in, the pressure would become enormous. And suppose that just 1 per cent of China's population developed into online criminals. We wouldn't have a chance.'