Virus, vidi, vici

Virus, vidi, vici

If it wasn't immoral to do so, antivirus solutions resellers could probably throw a party or two to celebrate the eruption of activity in the security market.

There is nothing quite like a good conspiracy theory, especially one sizzling with all the necessary James Bond movie ingredients - sex, power, revenge and money. Try leaving sex out of the scenario, and you will get an average B-grade good-guy bad-guy saga that few will be inclined to talk about at a Saturday night dinner. But if your friends are resellers and computer geeks like yourself, the following tale of vindictive commercial sabotage of computer software might have more than a little life in it.

A few months ago, while the Melissas and Chernobyls of this world were wreaking havoc across computer networks around the world, a Finnish data security expert used an interview with Helsinki-based IDG publication Tietoviikko to effectively accuse software and hardware vendors of creating and spreading at least one computer virus.

Ilkka Keso claimed the devastating CIH virus "started to spread with illegal game copies", making the possibility of it being a form of revenge cooked up by aggravated software producers highly plausible. And although he dismissed the suggestion that the culprits were the antivirus companies on the hunt for some serious corporate money, Keso's insinuation hit a nerve with an increasingly paranoid public whose dependency on computer hardware and software-enabled automation of daily tasks has been laid bare for everyone to see by ever more frequent and malicious virus attacks.

Needless to say, both hardware and software companies would benefit from the proposed exercise. But the more interesting and perhaps more disturbing facet of the story is that, despite expert warnings and public announcements of the availability of virus antidotes prior to the release of CIH's latest incarnation, the chip-attacking program resulted in more than a few office dramas. Whether because end users, including large corporations, are still not showing the required amount of vigilance in reviewing and updating their sec-urity solutions or because there are millions of potential Machiavellian psychos weaving code with malice for unknown gains, the world seems to be going anticlockwise when it comes to falling victim to devastating techno-viral epidemics.

"Every month, three to four hundred new viruses hit 'the market' and there are currently around 30,000 viruses in the wild," estimates Dean Stockwell, director of Network Associates' sales and support for Asia-Pacific, confirming the bleak reality.

Yet despite the "productivity explosion" that has seen the number of viruses released monthly increase tenfold over the last three years, Stockwell says what worries him more is the tendency of virus creators to develop ever more damaging programs, which, almost as a rule, have the ability for fast replication. "In the old days, people were developing viruses just to see if they could do it, but they weren't malicious," he laments. "Since then, things have changed considerably due to several factors, such as the implementation of office-based applications and the widespread use of the Internet and e-mail, which is a great transport mechanism for viruses."

Those hit by the Melissa, CIH or, most recently, the Worm epidemics understand the change all too well. Network downtime, loss of files and industry embarrassment even for the likes of Microsoft, which had to shut down its mail server when ExploreZip.worm recently stormed the Internet, have become regular obstructions to day-to-day activities in the corporate world. Furthermore, the potential for virus-enabled data theft is leaving many executives in a state of sleep deprivation and despair. But instead of examining their own antivirus readiness (many users admitted to updating their antivirus software only after the Melissa plague rapidly decimated the number of security prevention non-believers around them), the question is being asked whether the antivirus software vendors themselves have the ability to keep up with the hyper-production of nasty and potentially illicit "viral code".

Antivirus market rivals Network Associates, Symantec and Trend Micro all answer in the affirmative, citing greater numbers of engineers and an increase in resources that are being deployed to combat the "baddies". "We are trying very hard, but you have to understand that this is a game of cops and robbers in which we are the good guys, so we can only work on a reaction basis," Kenny Liao, Trend Micro's country manager for Australia and New Zealand, explains. "Obviously, we don't know who the robbers are until they are caught, so 100 per cent focus is the best we can do," he said.

While antivirus software vendors are busy centralising their security management solutions in response to the rapidly converging antivirus and network gateway security markets, Liao points out end users need to be educated in taking a proactive role in virus prevention, rather than simply relying on antivirus vendors to fix the problem when it is already there.

For its part, Liao's company has enabled its Trend Virus Control System antivirus solution for central and remote management of viruses and is actively seeking to train and appoint resellers, especially ISPs, willing to take on the remote management out-sourcing market through the company's eDoctor program. "Put simply, if there is a virus outbreak happening in Darwin, we can fix it from Perth," Liao says, explaining the concept. In addition, he believes, this represents an excellent opportunity for resellers to take advantage of the market's security concerns, as well as to increase their margins.

Symantec's recently announced Digital Immune System (DIS) solution is moving in a similar direction, consolidating antivirus technology with IBM's automated virus analysis and Intel's management technology to deliver an integrated solution for enterprise-wide systems, security and content protection and policy management. To be released in stages over the next 12 months, DIS will focus on the areas of antivirus protection, mobile code, URL filtering and e-mail scanning. At the same time, Symantec too is working on a remote management solution.

"Today, the issue of system uptime is no longer about serving a business, it's about staying in the business," Robert Smith, director of Symantec's corporate product management division, asserts.

"Internet and electronic commerce are thus a central part of our strategy to keep businesses up and running, because you never know when a new bunch of viruses can attack," Smith said.

"Automatic virus detection and repair time need to be dramatically reduced, because turning your systems off is just not an option in today's business environment."

According to NAI's Stockwell, product centralisation is one answer to the combined threat of a large number of viruses and "the increased number of potential roads into your network" that is pushing the antivirus market away from its product-centricity and towards solution/service-centred offerings.

"Within a year, we will see a lot more resellers waking up to this business of security. There is a huge market out there for technically minded resellers to buy service licences and do audits for customers, the way big guys such as Ernst & Young are doing it already," Stockwell offers.

"The point is that security is a big issue for customers and they want one product for all their security needs. We are only one or two years away from that and now is the time for resellers to start discovering the best way to service this changing market."

What's new from . . . Trend Micro

Targeting the outsourcing market, Trend Micro's antivirus service, eDoctor, is a remote monitoring service that allows companies to reduce the workload of their system administrators by receiving 24-hour-a-day virus monitoring services from Trend Micro-appointed resellers. The service has been designed to reduce the cost of antivirus prevention for corporate networks in need of a successful antivirus policy, while creating new opportunities for technically minded resellers, and ISPs in particular, to enter the antivirus market. Interested parties should go to to register their interest.eDoctor highlightsAllows real-time surveillance of all Trend Micro products (Trend ScanMail for Lotus Notes and Microsoft Exchange, Trend Virus Control System for servers and Office Scan Corporate Edition for clients)Provides automatic updating service of virus patter filesClients sent a monthly virus diagnostic reportDesigned around Internet-based antivirus engineer support and free analysis of suspect files and virus-infected files that cannot be cleaned.

Trend Micro

Tel (02) 8876 5678

What's new from . . . NAI

Security specialist Network Associates International recently released an enhanced version of its VirusScan software. Reacting to the spread of new "economies of scale" viruses such as Melissa and ExploreZip.worm that have cost US businesses $US7.6 billion so far, Network Associates has added a new "e-mail x-ray" feature to the product that will scan e-mail attachments upon their arrival in the inbox and before they are opened by users. The new version is also said to provide desktop protection for the latest Java and ActiveX threats, as well as Office 2000 protection.

VirusScan highlights

Scans e-mail attachments before they are openedOffers prevention from malicious Java and ActiveX appletsProtects Office 2000 users from virus mutations in the environmentFeatures a centralised network antivirus management tool for easier administration.

Network Associates

Tel (02) 8425 4200

What's new from . . . Symantec

The antivirus market leader has unveiled a new virus- prevention strategy that should allow companies to achieve an "unprecedented level of managed, intelligent protection and control". Called Digital Immune System, the solution will be released in several phases that will focus separately on virus prevention, mobile code, URL filtering and e-mail scanning. While the first version includes a managed antivirus solution based on Norton Anti-Virus Corporate Edition, the second version of DIS, to be made available in 2000, will include pcANYWHERE, Norton Speed Disk, Norton Ghost and mobile work support.

Digital Immune System highlights

Includes tools and utilities for systems and policy management, virus protection, server performance, desktop configuration, diagnostics, remote system operation and disaster recovery from a single management consoleNorton AntiVirus Corporate Edition will be linked to a back-end system featuring IBM technologyLeverages Intel's management technology to give administrators control over the level of automation.


Tel (02) 9850 1147

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments