One of the most significant global threats comes in the form of "information warfare" which is conducted by a confusing mix of stateless actors, separatist, fringe independence movements, insurgence operations and terrorists.
This emerged from the NATO (North American Treaty Organisation) sponsored workshop on Warfare and World Security held in Portugal earlier this year at which information warfare and other unconventional threats were addressed.
Commenting on this, Andy Robb, a technology specialist at Duxbury Networking, says the event reminded the many millions of personal computer users of the increasing incidences of virus, Trojans and other malicious computer code that are circling the earth.
"Today, the threat of a superpower-driven global war situation is practically non-existent. Instead, the near term threat to international security comes from information warfare," stresses Robb.
He says the foot soldiers of the information war are the virus writers who have become creative in their efforts to deliver their damaging weapons and get them propagating.
"For some time now, they have used the power of the Internet to spread their wars. Their expertise continues to grow, as is demonstrated by the recent Windows virus called Bofra, which turns infected machines into distributors of its malicious code," he says.
"Millions of PC users have clicked on the poisoned links, send in innocuous-looking e-mail messages, and inadvertently turned their computers into virus spreading engines.
"With Bofra, a new `trick` has been developed by the virus writers to prevent the virus being caught by anti-virus software," he says.
Bofra is the first member of the family of worms that first appeared on 10 November 2004. It exploited a Windows vulnerability that was discovered only a few days earlier.
"Like many other recent viruses, Bofra plunders the address book in Microsoft Outlook for e-mail addresses and scours other files on an infected machine for fresh target addresses," explains Robb.
"The virus then brings its own mail sending software to bear to despatch e-mail messages to a fresh group of potential victims.
"However, unlike most other viruses, Bofra does not travel via mail itself. Instead the body of the mail messages sent out contains fake weblinks that, when clicked on, connect back to the machine that distributed that e-mail."
Robb says that, in effect, Bofra turns infected machines into small web servers that happily replicate copies of the virus.
"The messages try to trick people into clicking on the links by promising rewards for doing so - or by posing as a payment confirmation. This tactic of creating thousands of mini web servers was designed to help the virus spread quickly and avoid attempts to shut it down.
"In the past other malicious programs have relied on a single web server that downloads viral code to target machines. Shutting down this central server usually stops the virus spreading.
"Because no viral code travels in the e-mail messages sent out by machines infected by Bofra, effects to limit its spread have been hampered."
He says organisations need to prepare strong defences to combat Bofra and the variants it will surely spawn.
"Securing the email gateway will not guarantee peace of mind. Web gateways are now the portals through which malicious code will travel. Part of these defences should include behavioural systems that monitor activities on user PCs and identify when viruses have penetrated organisations and are searching for further victims," he adds.
* The Bofra family of viruses, which were originally thought to be offshoots of the MyDoom bug, can infect machines running Windows 2000, 95, 98, Me, NT, XP and Server 2003. Users running Windows XP that have applied the SP2 update are not vulnerable to the loophole that Bofra exploits.
Share
Editorial contacts