Re: Future Impact of Viruses on Internet

[Herrera Reyna Omar <omar_herrera () BANXICO ORG MX>]

I would add these ones:

1) Antivirus technology is getting more reactive than preventive / radical changes in design are needed:
        * Propagation speed of some worms is getting faster than AV update 
        deployment (MyDoom is a good example of this trend).
      * It is not quite clear what will happen with the amount of virus 
        signatures; Well we have AV checking for a billion signatures by
          the next decade? Will the AV products start dropping old signatures?
         (they actually try to group viruses in generic signatures, but these 
        tend to generate false positives if they get too generic).
        * The approach of AV itself creates these problems. They try to detect
        known malware, other security controls focus on what is 
        legal/valid/permitted (hIDS, Firewalls). My guess is that the AV 
        industry will be forced to radically change the identification approach
          soon.
2) Incidents response teams will be more common:
      * With a lack of effective preventive controls, many organizations will 
        need to react to these kind of threats "creatively" (alternate security 
        measures while the patch is developed).
      * The time window from the release of a vulnerability to the release of a 
           worm is shortening. The risk of seeing a worm exploiting a high 
        impact and non-disclosed vulnerability (like the Blaster worm) is 
        increasing.
        * The people developing exploits with bad intentions are keeping them for 
          themselves; no wonder, many kiddies and even investigators have been 
          fined and jailed (bad people with some brains will have figured out by 
        now that looking for fame is too risky).


Regards,
Omar Herrera

> -----Mensaje original-----
> De: Tim Lane [mailto:tlane () SCU EDU AU]
> Enviado el: Miércoles, 28 de Enero de 2004 05:55 PM
> Para: SECURITY () LISTSERV EDUCAUSE EDU
> Asunto: [SECURITY] Future Impact of Viruses on Internet
>
> Hi All,
>
> just as a topic of interest for academic discussion, does anyone have a
> viewpoint on the potential likely future of the impacts of worms and
> viruses etc on the future of the Internet and its use?  As an example, I
> consider future scenarios could potentially be:
>
> 1) A continual and escalating situation of attack and defend (as is the
> case now);
> 2) An future implementation of technology that largely mitigates the
> seriousness of attacks rendering them of little concern;
> 3) A substantial and slow degredation of the Internet such that it becomes
> largely unusable;
> 4) A sudden enormous impact on the Internet that forces an almost total
> rebuild/re architecturing.
>
> If anyone has any thoughts I would be interested.  I am sure someone out
> there is involved in the development of a more robust Internet and is aware
> of likely future scenarios.
>
> Thanks,
>
> Tim
>
>
> Tim Lane
> Information Security Program Manager
>
> Information Technology and Telecommunication Services
> Southern Cross University
> PO Box 157 Lismore NSW 2480
>
> Ph:  61 2 6620 3290
> Fax: 61 2 6620 3033
> Email: tlane () scu edu au
> http://www.scu.edu.au
> ********** Participation and subscription information for this EDUCAUSE
> Discussion Group discussion list can be found at http://www.educause.edu/cg/.
> Tim Lane
> Information Security Program Manager
>
> Information Technology and Telecommunication Services
> Southern Cross University
> PO Box 157 Lismore NSW 2480
>
> Ph:  61 2 6620 3290
> Fax: 61 2 6620 3033
> Email: tlane () scu edu au
> http://www.scu.edu.au
>
> **********
> Participation and subscription information for this EDUCAUSE Discussion Group
> discussion list can be found at http://www.educause.edu/cg/.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.