Bug Watch: Careless talk costs millions

Fresh concerns have come to light this week about communication within the antivirus community on breaking viruses. As it stands, vendors are obliged to share the new details of a virus with their rivals when one is discovered, in the interests of finding a quick cure and minimising the damage. This may come as a surprise to those of you who feel we are a bunch of scaremongerers.

Despite the competitive nature of the AV industry, several different bodies exist that facilitate the sharing of information between rivals. If a software company disregards this procedure and chooses instead to write and issue a press release on a virus before informing other vendors, it's the equivalent of telling the neighbours that your house is on fire before dialling 999.

This week, 'Little Davinia' was a great example of an insignificant virus receiving a lot of media attention. Only one sample was received from McAfee's 70 million customers, but what happens when the next Love Bug arrives and a vendor chooses their media profile ahead of the good of the industry?

Two schools of thought exist on the whole virus-sharing issue. The first is that vendors need to share viruses in the interests of minimising the damage that attacks cause to businesses up and down the country. The second is that as vendors spend a lot of money on research into viruses, why should they effectively subsidise their rivals?

The truth is, the issue is bigger than both these points. If a high-risk virus with a huge payload broke out tomorrow, and the vendor who discovered it opted to tell the global public first, there would be chaos.

Customers would discover the virus in the media or through their network actually being hit. They'd then go to their AV company demanding a cure. AV companies would have been delayed in finding a cure because they weren't given a sample of the virus when it was first discovered, instead being reliant on a customer to report and send a sample of the new virus into the vendor's labs. The hours added to discovering a cure could then translate financially into millions in damage to their customers - an avoidable loss.

The flip side of the coin is what happens when a small-scale virus breaks out and is over-hyped by vendors, without the rest of the community knowing. Customers then read in the press about another 'potential Love Bug' and are quite rightly worried that their business is at threat from a highly destructive virus. Other vendors don't have the opportunity, or knowledge, to put their customers' minds at rest if they haven't seen the virus threat.

There's no argument. AV vendors need to work with the industry, not against each other, when a new virus is found. Most antivirus companies, even competitors, work together to protect their customers. Telling the public before the AV community is a selfish tactic that merely serves to alarm anyone with a networked PC that doesn't use your particular software.

This kind of problem is easily resolved when AV companies use just a little common sense. It is unfortunate that some companies still feel the need to'go it alone' and ignore the bigger picture. But until vendors start thinking of the community and the economy as a whole, businesses will continue to suffer at the hands of irresponsibility.

Next edition: 26 January