Let's start with malicious code outbreaks in general. Unlike hurricanes and tsunamis, there is no standard way of naming malicious code -- and thus is the greatest problem facing the antivirus industry. Gone are the days when simple names like "Jerusalem", "Michaelangelo" and "Stoned" were accepted and used by all antivirus vendors and their products. Today, what one company calls "Worm_Minmail.R" another calls "W32.Novarg" -- someone else calls it "MyDoom.A@m" and another may classify the same thing as "W32/MyDoom." What is needed is a return to industry-wide nomenclature for malicious code that can be used by all vendors in describing their products and making the reporting, analysis, and resolution of such outbreaks easier and more productive for customers and researchers alike.
Then there's the matter of marketing and mindshare. First and foremost, antivirus vendors are in business to make money, and it behooves them to capitalize on as much free publicity as they can. Thus, with each new outbreak we see vendors stumbling all over themselves to be the "first to detect and defend" against the latest malicious code and probably explains why there's no longer a standard outbreak naming scheme after nearly two decades. From press releases to interviews on television, radio, and newspapers, antivirus industry executives race to establish their companies and products as the most vigilant and capable on the market, an activity often made more amusing when backed by questionable, if not fabricated, statistics and predicted damage assessments (usually in the billions of dollars) from each outbreak -- and almost always followed by a pitch espousing the cost-effective security that only their products provide.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.