With the decrease in the total number of viruses, some have theorized that the need for virus protection is becoming less and less necessary. The purpose of this paper is to help individuals understand the scope of the problem, and specific strategies available to combat this continually changing threat.
Malicious Software Defense: Have we moved beyond the need for anti-virus and spyware protection software? Kevin Prince Chief Security Officer Perimeter eSecurity May 2007
Page 1 of 7
Introduction
With the decrease in the total number of viruses, some have theorized that the need for virus protection is becoming less and less necessary. Protecting systems such as servers and workstations is nothing new. In fact, using anti-virus software was the first method enlisted to stop malicious code from infecting and propagating between these systems. However, the sophistication of viruses and malware in recent years has dramatically changed the playing field. The purpose of this paper is to help individuals understand the scope of the problem, and specific strategies available to combat this continually changing threat.
History
A program called "Elk Cloner" is credited with being the first computer virus to appear "in the wild" - that is, outside the single computer or lab where it was created. Written in 1982 by Rich Skrenta, it attached itself to the Apple DOS 3.3 operating system and spread by floppy disk. The first PC virus was a boot sector virus called (c)Brain, created in 1986 by two brothers, Basit and Amjad Farooq Alvi, operating out of Lahore, Pakistan. The brothers reportedly created the virus to deter pirated copies of software they had written.
In the early 90's, companies such as IBM, McAfee, and Symantec released the first software to protect systems from these infections. As networks began to emerge, these viruses could spread between systems without the use of removable media. This same concept was then used at a macro level with the adoption of the Internet in the 1990's. Since that time, thousands of viruses have been released into "the wild" with many stories and data casualties. Few individuals have not been touched by the tentacles of a virus at one time or another. The software used to detect and stop these viruses was installed directly on the system it was intended to protect. Other strategies such as Gateway Anti-Virus has also been used in recent years to detect and stop viruses before they enter a network, but these systems were never intended, and shouldn't be used as a replacement for anti-virus software that resides on the individual systems.
Page 2 of 7 Malware Growth vs. Virus Decrease
http://www.avertlabs.com/research/blog/?cat=2 Later, other malicious code was written that had slightly different properties from a virus. A computer worm (one such example) is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms always harm the network (if only by consuming bandwidth), whereas viruses always infect or corrupt files on a targeted computer. The name 'WORM' comes from The Shockwave Rider, a science fiction novel published in 1975 by John Brunner. Researchers John F Shoch and Jon A Hupp of Xerox PARC chose the name in a paper published in 1982; The Worm Programs, Comm ACM, 25(3):172-180, 1982), and it has since been widely adopted. Though it was technically a Trojan horse, the Christmas Tree EXEC Worm was likely the first worm on a worldwide network, spreading across both IBM's own international network and BITNET in December 1987, bringing both networks to their knees. Other malicious programs created further variation. Trojan horse programs, spyware, and adware are just a few examples. Often times, any software that is installed on a system without the owners informed consent is known as malicious software, or "malware". Although other terms such as scamware, crimeware, and badware are used to describe similar types of software, malware at this time seems to be the most dominant.
Page 3 of 7 Trojan Horse Programs
http://www.viruslist.com/en/analysis?pubid=178949694
Spiraling out of Control
Recently there have been some major shifts in the use of malware. Prior to 2006, most viruses and worms could be classified as things that the author or developer wanted everyone to know about. The recognition for writing the "fastest spreading worm", or "most damaging virus", etc. was one of the major reasons this so... [download for more]
