Virus prompts security questions - BRW
October 4, 2001
Admin spelt backwards brought trouble for administrators of big business IT systems
James Kirby, October 4-10, 2001, BRW
Nimda, a computer virus described by Microsoft as the most destructive ever, has lifted to a new level of intensity the malicious attacks on computer systems. The virus (this one is more accurately called a worm) hit the business community on September 18. Its appearance has again raised questions about the safety of expanding commerce on the Internet when computer systems are constantly under attack.
Industry executives cannot explain the origin of Nimda, but experience suggests it was created by a disaffected male computer user aged 14 to 25. This fits the description of hackers of the type who have created a wide range of computer virus infections. Among the most damaging were the Code Red worm (which hit in July this year), the Anna Kournikova virus (February this year) and the Love Bug virus (May 2000).
Like all virus-style attackers, Nimda works by distributing a "malicious" code of signals into computer systems. Nimda packs an extra punch because, unlike its predecessors, it can attack Web servers (the core machinery of the Internet) through a direct connection and can also attack other computers through the e-mail system. Previous serious viruses have attacked one or the other. A computer that receives Nimda freezes, and any attempt to restart it erases all its hard-disk memory.
Rob Clyde, the chief technology officer at Symantec, one of the world's biggest information technology (IT) security firms, says: "Nimda is the nastiest virus we have seen in an escalating series of attacks." The number of widely experienced hacking incidents in the world rose from 2000 in 1997 to 20,000 last year, according to the Computer Emergency Response Team, an IT security agency funded by the United States Department of Defence. One of the first Australian victims of Nimda was National Australia Bank, which experienced interruptions to Internet trading and online banking as its Microsoft-based online systems were struck. Most of the recent global viruses and worms have been directed at Microsoft software, particularly the Internet Information Server (IIS) software.
Despite the ferocity of Nimda, the computer industry seems to be taking the new problem in its stride. John Rundell, an outsourcing partner at KPMG, says: "The attacks sound dramatic, but I think most corporates can handle them quite well. Bigger companies are getting more used to attacks, and they are building defence systems that can handle almost anything hackers throw at them." These defence systems are known as BCP (business continuity planning) programs.
There is little evidence that any businesses want to withdraw from Internet trading because of virus activity. Clyde says: "People know that no IT system is 100% safe, but at the same time, business cannot turn back the clock. Every system of business has flaws, and Internet business is no different. Most companies can easily defend themselves against 80% of all known hacking methods with a number of simple steps. The four elementary steps towards defending a system are: using up-to-date anti-virus software, building firewalls at the point of connection to the Internet, ensuring that Web servers are patched and making sure that passwords are not easy to guess."
(In IT parlance, a firewall prevents the entry of unrecognised online contacts; patches are small changes made to existing software for protection against new-found vulnerability.)
Clyde says the basic steps in the defence of a system are relatively easy and cheap, and, in general, bigger companies are better than smaller companies at defending themselves. He says banks tend to be the leaders in the use of good IT security measures. Chemicals and pharmaceutical companies are generally the worst.
David Britt, the Australian country manager for the US security firm Top Layer Networks, says: "We don't see a backlash from business users over viruses. Certainly we don't see any urge to move away from Internet trading. Rather, there is a widened emphasis on security. The most likely outcome of increased attacks is more emphasis from big business on the security standards of business partners such as small and medium-size companies, or individuals doing business over the Web."
Britt says large companies might soon insist that companies doing Internet business with them operate to a certified level of competency in IT security.