Satellites help companies stay safe and secure

[William Knowles <wk () C4I ORG>]

http://news.bbc.co.uk/hi/english/sci/tech/newsid_909000/909706.stm

Monday, 4 September, 2000

As more and more computer viruses circulate, businesses are continuing
to look for new ways to defeat the pernicious programs.

Now some companies are starting to protect themselves with a satellite
network that distributes virus cures quickly.

Others are turning to smart software that can spot novel viruses
before they do damage.

But companies and consumers will have to continue to be watchful as
the writers of the malicious programs target new groups of users and
devices.

The number of computer viruses circulating around the world has been
steadily increasing for the last couple of years but has taken a leap
upwards this year thanks to the ILOVEYOU virus.

Worms are returning

Typically computer viruses have relied on human fallibility to travel
and have hitched a ride on documents or programs sent around companies
or across the internet.

But the newer breed, such as the ILOVEYOU virus, need little help to
travel because they can plunder e-mail address books and try to send
themselves to all the names they find.

Figures collated by MessagesLabs, which monitors and filters e-mail
for companies, shows that the numbers of viruses being caught is on
the rise.

In October last year, MessageLabs was stopping around 2000 viruses per
month but since May this year, when the ILOVEYOU virus struck, it has
regularly been catching over seven times as many. The average from May
to August was over 16,000.

These viruses are more accurately called "worms" because they act by
themselves.

The first virus to hit the internet in 1988 was a "worm" and it was
unleashed by computer science student Robert Morris - the son of the
former chief scientist of the National Security Agency, America's
encryption and spying organisation.

The tricks used by the ILOVEYOU to travel are being co-opted by other
virus writers and there are believed to be at least 29 variants of it.

Only this week, a new variant of the ILOVEYOU virus, named after
Disney character Donald Duck, has been found in the wild.

Send by satellite

Now a South African company is trying to help companies keep up with
the variants and new viruses by automatically distributing updates and
fixes via a network of satellites.

Ian Melamed, chief technology officer of Satellite Safe, said
companies had to move ever faster to keep up with the numbers of
viruses in circulation.

The first copies of the ILOVEYOU virus were found eight hours before
it did any damage, but cures were not available until almost two hours
after it hit.

"The issue is one of speed and how to you distribute a piece of
information to millions of people around the world simultaneously,"
said Mr Melamed, "It is all about getting the filtering to start
yesterday."

Satellite Safe monitors 117 sources of information on anti-viruses to
keep up with the latest information. Once a novel virus has been
identified, an alert is sent out via satellite to subscribers,
reaching everyone within two minutes.

Latest information

"All these viruses have an ID to them," he said, "We broadcast that to
an e-mail filtering program which detects, blocks and gets rid of
them."

Mr Melamed said the updates were automatically installed and did not
require anyone to visit a website and download the latest information.

But other companies are taking a different approach to virus
protection by trying to spot malicious programs even before they do
damage.

Last month, Finjan software released a free software utility called
SurfinGuard which watches what any program on your computer is doing.

The utility warns users about any suspicious or malicious activity and
asks if they want to let the program continue what it is doing.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".