If current trends continue, this year's major headaches will continue to be caused by worms: malicious code sent by e-mail which can spread rapidly and are easy to create using specific tools or just by modifying existing worms (explaining the recent increase in the number of virus 'variants' on the loose). Other trends expected to continue include the use of the Internet and even private networks to spread viruses. The damage caused by malicious code such as Opaserv, Bugbear, Klez.I, or Prestige is an indication of the potential danger that these types of viruses represent to all users.
E-mail worms are also constantly taking advantage of vulnerabilities in commonly-used software. Such flaws include the IFRAME vulnerability, which affects Microsoft Internet Explorer, allowing infected files to be run automatically when the e-mail carrying the virus is viewed in the Preview Pane. Worms such as the previously mentioned Klez.I and Bugbear or others like Appix.B and Bride exploit this vulnerability.
It's important to keep in mind that these types of vulnerabilities are detected almost daily, and it's evident that virus writers will continue to take advantage of them. But as if that weren't enough, e-mail worms are also prone to using 'social engineering', a technique whereby users are tricked into executing an attached file containing virus code.
Another type of malicious code currently in vogue with malicious users is the Trojan. This is a program designed to take a range of actions on infected computers. Lately, an increasing number of Trojans have been detected with the ability to steal confidential data or give hackers remote control over the victim's computer.
There are also other more sophisticated malicious codes to be taken into consideration, those designed for mobile phones and smart phones, as the platforms these devices use are becoming more widely used. This might result in, if not massive attacks, at least some virus activity of this kind. Attention must also be paid to viruses programmed to spread through instant messaging applications, file swapping applications like KazaA, or viruses that can affect specific types of machines such as SQL or Apache servers. This last type of attack could become particularly dangerous as damage would be serious, even though they are not designed to infect a large number of machines ..
Luis Corrons, head of Panda Software's Virus Laboratory believes that, "2003 will be just as bad a year for viruses as previous years. We should not be fooled by statistics: the virus threat is real and grows every day. Over recent months it has been possible to avoid infections of epic dimensions, due in part to the increased awareness of users about how to protect against viruses, and in part to the daily efforts of companies like Panda Software who detect and eliminate all types of malicious code, no matter how insignificant they may seem."
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.