UGN Security Forums
#39922 - 05/06/04 09:57 PM Trench warfare against viruses
Phatal Offline
Computer security experts have been working around the clock to battle the Sasser worm.

It is a job tailor-made for one group of anti-virus experts based in Helsinki, Finland.

The research team at F-Secure waste little time when a new computer bug is detected.

The first step is to alert everyone in the office and that job falls to Lu, a stuffed toy monkey that screams when smacked.

It is a sound that usually signifies hours, maybe even days or weeks, of tough work for the anti-virus team.

Mikko Hypponen is used to it by now. As head of anti-virus research at F-Secure, he has seen many viruses over the years.

"If you look at the total numbers over the last 15 years, we've seen 90,000," he said.

"Most of those are extinct, and are not a problem anymore. So something like 300 to 400 most common viruses cause practically every infection around the world."

'Constant war'

Mr Hypponen calls this constant threat "back-scatter noise". On top of that, he says, new viruses are popping up at a furious rate these days.

Take, for example, one family of viruses - Netsky.

"We've seen 65 different versions of this virus over the past 40 days or so," he said.

"Every two days we find a new virus. And it might be the middle of the night, the middle of the day, in the middle of the weekend.

"Over Easter we had three new versions of this virus. It's a constant war against the other side."

One of those at F-Secure tasked with defeating viruses and worms is Ero Carrera.

Like most in the anti-virus world, the Spanish-born Mr Carrera taught himself how to do this kind of work.

It is called reverse engineering, working through sometimes millions of lines of code to figure out how the virus works, how it propagates, and, most importantly, how to stop it.

Fortunately, most viruses are very similar.

"But every now and then there are specific cases that are particularly interesting, because of the way they propagate, because of the harm they actually do," said Mr Carrera.

"Those are really interesting to look at, and you have to look fast and act fast, because there could really be a lot of danger if that virus spreads and infects a lot of machines.

"That's when it really moves us, it's a challenge, an intellectual challenge."

United front

F-Secure is Europe's biggest anti-virus company. Globally, its main competition comes from outfits like Symantec and McAfee.

But when it comes to cracking viruses and worms, competition usually takes a back seat.

The quantity and quality of today's viruses demand a high level of cooperation among virus-busters.

"We have to send each other virus samples, information on new viruses," said Gergely Erdelyi, who moved from Hungary to Finland to work at F-Secure almost four years ago.

"If there is a big case or if something is really complex, then of course the more information we can gather from the companies, then the faster we can come up with a solution for our customers. So we do co-operate a lot."

The nature of the battle between the virus-writing world and the anti-virus world has been changing over the past few years, for the worse, as far as the virus busters are concerned.

You can find downloadable virus-writing programs floating around in cyberspace. Just type in a name, click the mouse a few times, and you can make a virus without even knowing how to write code.

But even more insidious is the rise of the professional virus-writer - someone who gets paid to wreak havoc in cyberspace.

Spammers, for example, are now paying virus writers to create malicious programs that will turn infected machines into spam-spewers.

Criminal intent

Worse, says F-Secure's Mikko Hypponen, organised criminals are now jumping on the virus-writing bandwagon.

"There are sites, typically operating somewhere in Russia, or Belarus, or Ukraine or China, where you can buy an attack tailored to a target, pay them the money, and then they will attack the site you pick," he said.

That is usually followed by a phone call, demanding what amounts to extortion money - pay us, or we'll attack you again.

The anti-virus team at F-Secure cringes when they think of the damage organised attacks could inflict on global internet usage.

That would mean a lot more screaming from Lu, the virus-alert monkey.

Lu's owner, anti-virus expert Katrin Tocheva, says the crew tries to remain calm and knowledgeable.

"Actually, the monkey's getting crazy, we're not getting crazy. We're just working normally, but with a higher speed of course," he said.

The Sasser worm is helping to make this one of the worst years ever for virus outbreaks, according to F-Secure.

If it keeps up, the team in Helsinki will be spending many long summer nights sitting in front of their computers, picking through line after line of code.

You can view the original article here...

#39923 - 05/07/04 04:28 AM Re: Trench warfare against viruses
jonconley Offline
Finally, after being into computers for so long, I found a job that actually would interest me. Constantly evolving, changing, and challenging. Very competitive also.

Technology itself changes quickly, but not this quick. I would love to get a job doing something like this.

Seems OS knowledge, networking, internetworking, security, forensics, reverse engineering, and coding all rolled into one.

