Users still the weakest link

End-users are still the main cause of virus infections in the workplace, as they continue to open suspicious email attachments and use online file-sharing and instant messenging services, according to experts.

The claim comes as the main antivirus software companies revealed that stubborn mass-mailing worm Klez, which carried an infected attachment, was the number one virus of the year.

Sophos said that Klez accounted for almost one in four virus infections, and McAfee, which did not have exact figures, confirmed that Klez easily achieved the highest number of infected files.

Graham Cluley, senior technology consultant at Sophos, explained that companies need to look at why end-users are accessing certain applications.

"The real weak link is humans, not the bugs in Microsoft's software," he said. "Businesses need to think carefully about their users' use of [applications like] Instant Messenger."

Jack Clark, product marketing manager at McAfee, added that organisations should focus on policy and educating users rather than just technology.

"The main threat is from the user, so companies need to focus on scanning the users for their vulnerabilities," he said.

The main virus threats businesses can expect to face next year include more devious mass-mailing worms, infections from malicious code on web pages and file-sharing.

"The emergence of broadband this year has led to increased file-sharing and that increases the number of viruses shared," said Clark.

Cluley pointed out that companies can protect themselves against email worms by educating end-users and deploying email gateway protection to stop executable files before they reach the corporate network.

"Give [staff] simple rules - like don't open any executable files - and you can dramatically reduce the chances of infection," he explained. "And stop executable code coming into the organisation by blocking it at the gateway."

Although attacks on Unix systems are still a rare occurrence, at only 0.2 per cent, Cluley indicated that these are likely to increase.

"We are seeing more and more interest in cracking Unix systems. This threat is increasing," he warned.

Clark said that, until there was wider adoption of the Unix platform, Microsoft exploits would remain the dominant threat. Just 10 or 15 of the 70,000 attacks registered by McAfee were aimed at Unix systems.

Mobile and personal digital assistant viruses are also not expected to make any significant impact in 2003. "Virus authors tend to target the mass market," said Clark.