Remote access Trojans on the warpath

Next year will see an overall increase in viruses, but there is no indication yet that there will be a major proliferation of viruses for mobile devices, according to security experts Sophos.

The group said that no new Palm virus had been recorded in over a year and that IT managers should focus on securing themselves against more familiar strands of viruses. Sophos said that 1,200 new viruses are currently recorded each month, but that most of them are harmless.

The most widely reported viruses for 2001 include the Windows executable worm variety, which included Nimda, SirCam, Magistr Hybris and Badtrans, which re-emerged this week. This type of virus is a mass-mailing internet worm that attempts to send itself using Microsoft Outlook by replying to unread emails.

Visual Basic Script viruses, such as the destructive Kakworm, are easier to write and will also feature strongly next year, according to Graham Cluley, senior technology consultant for Sophos.

"I don't foresee a major shift in the type of virus threats we'll see next year," he said. "As ever the weakest link will be humans not updating their company's antivirus software. That's why Nimda and SirCam spread when, in reality, antivirus software is generally pretty good at finding viruses."

There will be more remote access Trojans next year, more Code Red internet worms that directly target web servers, and more attacks on Unix systems, according to Cluley. "Microsoft has a worse record for viruses, but Unix managers should not think that they're impervious to attacks," he warned.

Sophos still feels that most viruses will continue to be written by males between the ages of 14 and 24, and that a lot of these will be used merely to spread 'web graffiti' as has proved to be the case this year.

Internet security has increasingly been on the international agenda since 11 September.

The Council of Europe, which signed a 30-country treaty on cyber crime last week, is to meet again tomorrow (28 November) in Strasbourg to hold a European Forum on harmful and illegal cyber content, bringing together experts such as the World Wide Web Consortium.

The Forum will look at different ways of regulating the internet, particularly self-regulation by the industry and co-regulation, whereby public authorities and the private sector co-operate.

It will also look at how users of the web can be empowered to protect themselves and their children against harmful and illegal content.

Security software vendor Symantec welcomed the recent debate on cyber crime and offered to work closely with the Council of Europe. "We welcome this development. It shows that the Council of Europe is taking seriously the need for regulation and personal responsibility," said a spokesperson.