Menu
Will more stealth bugs come knocking?

Will more stealth bugs come knocking?

The latest public virus spectacle came last week from Cult of the Dead Cow (cDc), one of the more infamous hacker groups, which officially launched its BackOrifice 2000 remote control device at a DefCon gathering in Las Vegas.

The release has renewed concerns about Australia's ability to defend its cyber-boundaries.

In addition to remote administration capabilities, BackOrifice 2000 (BO2K) is known as a Trojan Horse which has the capacity to perform unauthorised actions such as file deletion, machine reconfiguration or simple surveillance and data theft if installed on a PC.

Allegedly intending to expose the deficiencies in Microsoft's Windows 2000 operating system, cDc claims that BackOrifice 2000 is merely a tool that uncovers Microsoft's lack of security arrangements.

Richard Baldry, director of security firm Sophos Australia, agreed that bugs on operating systems such as Windows 2000 are a real security threat but suggested that Microsoft itself should fix emerging problems and that BO2K is a threat, not a solution.

Baldry assured Australian companies that BackOrifice 2000 would not penetrate local businesses if they take precautionary measures.

"The original BackOrifice didn't come to Australia or appear in the wild," said Baldry, who is more concerned with self-propagating viruses such as Explorer, which hit Australia about a month ago.

Steve Laskowski, managing director of Internet Security Systems Australia and New Zealand, denies that all will be quiet on the home front.

"There have already been a couple of instances where businesses have found BO2K but the problem is that most Australian companies don't have the tools to detect it. That's part of the reason BO2K is such a serious threat, because most companies won't even be aware that BO2K is on their systems. BO2K is designed for surveillance rather than destruction, though it is capable of that. For this reason, companies reliant on proprietary information or secure data are most at risk. This makes it difficult to detect."

And Laskowski contends that there can be no comparison between this version of cDc's Trojan Horse and the original. "The biggest impact this will make is because it now works on Windows NT so corporate Australia will feel the brunt of it much more than if it still only operated on Windows 95 and 98," said Laskowski.

ISS warns Australian companies not to become complacent, especially because of increased global interaction and the exposure of Australia due to the Olympic Games and economic conferences being held in the region.

Additionally, companies need to remain alert with viruses such as Melissa and CIH representing what Baldry perceives is an increasing frequency and destructiveness of attacks. "The worrying thing is the increased complexity of the viruses we are seeing and the increasing frequency of viruses to specifically cause havoc," explained Baldry.

The integration of the Internet and e-mail with office environments is another trend that Baldry believes is a serious security risk.

"Viruses will simply become more network-aware. Attacks such as the Melissa virus and CIH, which are not macro viruses, can cause irrepar-able damage and financial loss to a company."

The intense campaign against viruses has made an impact on businesses with Laskowski estimating that in the last six months organisations have increased spending on security by 30 per cent.

Yet the predominance of viruses in the media has left other potential avenues of harm untouched. "Con- centrating on virus protection alone may leave users vulnerable to attack," said a Network Associates International (NAI) spokesperson. For this reason, NAI is attempting to promote a "cross discipline" approach to security that involves using antivirus protection with intrusion detection.

Yet those claiming to protect businesses against increasingly virulent threats are finding that it is a perpetual race where good and evil perform a constant balancing act.

"Security vendors are always on a knife edge. It is a fine balance between staying ahead of the game or simply reacting," asserted Baldry. "But we have a lot of past data to go on now. We can analyse previous trends and try to extrapolate into the future."


Follow Us

Join the newsletter!

Error: Please check your email address.
Show Comments