This week Carole Theriault, from Sophos, points out the dangers of cocktail or blended virus attacks.
There's been a lot of talk about viruses spreading through email recently. But if today's most prolific viruses use email systems to spread, why not just rely on an email gateway antivirus solution to protect your network from infection?
The answer is simple: viruses don't just travel via email. Take for instance a cocktail attack or blended threat, worms or viruses which look for several entry points instead of just one. The recent Avril Lavigne worm employed two of them.
Having up-to-date gateway virus protection could thwart its attempts to access your system via email, but this worm also exploited online chat systems such as ICQ and mIRC.
These applications reside on desktops and have no relationship with the email gateway so, even if your email gateway has Fort Knox-level protection, you are not immune to infection.
Cocktail attacks are becoming more common: Bugbear, Sircam, Nimda, Klez and Sobig combine exploits such as infecting via the internet, network shares, instant messaging or email.
And this trend will continue. Not surprisingly, virus writers who release their malicious code into the wild want it to spread far and wide in the shortest amount of time, so a virus making use of several entry points simultaneously will increase the chances of infection.
And while many internet service providers now offer email virus scanning, many viruses don't require email to cause widespread infection.
Opaserv, first seen late last year, spreads itself by searching for computers with network shares open to the outside world. Anyone connected to the internet who has enabled file-sharing is vulnerable to this worm if they do not have adequate antivirus protection.
Despite not using email to spread, Opaserv was a top 10 virus for several months at the end of 2002 and it is still in the top 20 today.
Loopholes in checking emails for viruses should also be considered. You might value confidentiality, and encrypt your email to prevent people from seeing the contents.
As the whole point of encryption is that it shouldn't be cracked, antivirus at the gateway or a used by third party shouldn't be able to break it either.
And just because something is encrypted doesn't mean it is virus-free. But because it is encrypted, it does mean that it can waltz past the email antivirus scanner.
So any organisation relying solely on internet or gateway virus protection is compromising their security by sending and receiving encrypted documents.
Checking email for viruses at the gateway is a valuable tool. It is a simple way of significantly lowering your chance of being infected, but it isn't foolproof.
We shouldn't have to choose between confidentiality and virus protection, nor should we be expected to know the origins of every file on our computers.
Desktop virus protection can help fill the gaps, and is one level of protection which no one can forget. A desktop scanner doesn't care where an infected file comes from, and will prevent you from unwittingly launching an infected file.
If a virus comes through a newly discovered security hole, or if you put in an infected CD or floppy, or browse a infected website, this scanner will sound an alert.
Now that most providers offer automated updates several times a day, desktop antivirus is the ultimate safety net.
AMD's Zen chip roll-out continues with the focus on high-power embedded applications
And becomes the team's executive chairman to boot
Tesla founder leaves OpenAI group - while Valve Software's Gabe Newell joins