Sunday, November 27, 2005

A Closer Look

“Increasingly, we are seeing a more complex generation of threats—threats that are self-mutating,” says Carey Nachenberg, chief architect, Symantec Advanced Concepts Group. “The authors of these things are making them exceedingly difficult for anti-virus software to detect. It’s almost like a race to see who can make the hardest-to-detect virus.”
In the early virus days, virus protection was nearly nonexistent, and viruses made little, if any, effort to hide their presence on a victimized computer. Sometimes little dialog boxes popped up announcing a new infection or letters would fall down the screen before the user’s eyes. Today’s virus writers, however, seem more interested in thwarting anti-virus efforts than outwardly marking their territory.
“We’re seeing multiple entry points with the same infector,” says Patrick Hinojosa, chief technical officer, Panda Software. “You’ve got them bashing down the front gate, you’ve got them tunneling under the wall, you’ve got them throwing ladders up over the wall—in the same attack. It’s much more difficult to defend against.”
But even though modern viruses tend to resemble the behavior of undercover agents, the damage they can cause is still frighteningly real. By their very nature, file infector viruses, boot sector viruses, and macro viruses are powerful and flexible, particularly due to their ability to self-replicate (make copies of themselves) to spread their infection.
Many viruses also carry a destructive payload, a part of the virus that carries out malicious instructions. If infection by these viruses goes unchecked, the potential for data corruption or deletion is usually high. In many instances, by the time users discover viruses on their computers, damage is already evident. Taking an in-depth look at what these viruses are and how they work can help you understand the danger that perpetually surrounds our computing experience.


Post a Comment

<< Home