Just a few days in, and 2007 is off to a bad start. Instead of some great new technology grabbing the headlines, it's the "Happy New Year!" virus and a slew of other virus-related cyber attacks.
Hackers may take a break at this time of year, but virus writers apparently do not. Malware season is in full swing and indications are that 2007 is going to be an extremely rough year.
While hackers traditionally down tools for the holidays, virus writers go into overdrive because it is considered the best time of the year to catch people off guard.
How many people would hesitate to open a message received in the past few days with "Happy New Year!" as the subject line?
Unfortunately, those who've fallen for the ploy have unleashed a virus that shuts down anti-virus programs, sends itself to all the e-mail addresses it can find, and turns the victim's computer into a zombie for delivering spam messages.
Worrying trend
With financial rewards running into billions of dollars, it is not hard to imagine that some security vendors would not be tempted to take out a little insurance by sponsoring a virus writer or two.
Warwick Ashford, technology editor, ITWeb
The bad news is that the "Happy New Year!" virus confirms a worrying trend. It shows virus writers are definitely changing tactics to defeat traditional anti-virus software. They are also making it extremely difficult to produce software patches in time by releasing many different versions of a virus from several locations simultaneously or over short periods of time.
Security analysts are saying that because this method of attack is proving to be highly effective, other similar strains of AV-resistant polymorphic viruses can be expected in the coming months.
Consequently, many security analysts are predicting a rough year, with some even saying it may be the roughest yet.
More than 3 000 distinct variants of the "Happy New Year!" virus were identified within 65 hours of the first wave of attacks. Now that takes serious time and effort to pull off. What a pity it was not directed at developing a new technology to achieve something positive.
Why not?
Quite simply, the financial rewards are too great to be ignored. Two men jailed in Germany recently are known to have made more than 12 million euros in illegal profits. As long as creators of technology are susceptible to greed, technology will not always be put to positive use.
Likely plot
But what about the ostensibly legal profits?
According to security analysts, threats to mobile devices alone are expected to drive up revenues for security products to almost $5 billion in the next five years. Could it be that security vendors have as much, if not more, to gain from malware than the virus writers themselves?
Now if that's not an incentive to ensure the threat is maintained, I don't know what is. With financial rewards running into billions of dollars, it is not hard to imagine that some security vendors would not be tempted to take out a little insurance by sponsoring a virus writer or two.
Without a shred of evidence to support such a conspiracy theory, the fact remains that virus attacks look set to increase in sophistication and intensity in 2007 and companies will have to protect themselves as best they can.
Getting real about this fact, however, may not necessarily mean increasing the security budget. In fact, some security analysts say it may be as simple as ensuring that all known vulnerabilities are patched on time, that network components are configured correctly, and that staff do not take risks by opening dodgy e-mails or visiting dodgy Web sites. Common sense, really.
Whether or not 2007 will see the worst malware onslaught to date remains to be seen, but if the predictions turn out to be correct, you can't say you weren't warned.
Happy New Year.
Share