Bug Watch: Complacency will be our undoing

Bug Watch: Each week vnunet.com asks an expert from the IT security world to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week's expert is Graham Cluley, senior technology consultant at UK-based antivirus company Sophos.

On 4 May this year the world woke up to news of what was to become the most infamous computer virus to date. A week later, after the Love Bug had swept the globe, there would be few people left unaware of its existence and the damage it had done.

Anyone looking at the media coverage would be forgiven for thinking that the Love Bug was the most widespread virus of the year. However, despite all of the excitement and commotion surrounding its arrival, the majority of calls to the helpdesk at Sophos during the year did not concern the Love Bug. This dubious honour goes to Kakworm, a fellow Visual Basic Script virus.

Kakworm first appeared in January 2000 and has maintained a steady presence throughout the year. More subtle than the Love Bug, Kakworm has been able to infiltrate and spread consistently.

Ironically, Microsoft issued a patch for the security loophole used by Kakworm in 1999, before the virus itself ever existed. A simple process taking just a few minutes, installing this patch will stop viruses such as Kakworm or any new virus using the same exploit from spreading. Remarkably, it seems that the message is not reaching users and the patch is not being installed.

The viruses that achieve the most notoriety are not necessarily those causing the most infections, a fact easily overlooked by users. The Love Bug was a 'shooting star', a virus that exploded on to the scene and grabbed everyone's attention for a relatively short period.

One positive effect resulted from the front-page news the Love Bug generated - users began to realise that computer viruses have the potential to cause real trouble and are an issue that has to be addressed.

However, concentrating on big name viruses such as the Love Bug means that other viruses and security issues were pushed to the back of users' minds.

Moreover, once the virus has disappeared from the headlines and the panic has subsided, users begin to forget what all the fuss was about in the first place. Complacency begins to set in and cracks in the wall of defence will start to appear.

This year's monthly top 10 virus charts reveal that the safe computing message is still not getting through to users, and that high-profile viruses are rarely the most prevalent.

Logically, viruses should enter the top 10 one month and then quickly drop out of the chart as users install antivirus updates and patches. Instead we have a situation where Kakworm can remain within the top three viruses for months.

It's sad but true that viruses mean that computing and the internet isn't as much fun as it could be.

Users should not just be worrying about the viruses that appear in the headlines. Nor should they be particularly worried over viruses set to trigger on certain dates. Safe computing is a must all year round and yesterday's news can easily become today's headache.

Next edition: 15 December