The killer bugs from cyberspace

Every time you download your e-mail, you risk getting more than just a friendly message. David Fox reports
Click to follow
Indy Lifestyle Online
Good virus-scanning software will protect you from almost all nasties, but there is an unprotected back door through which your PC can be attacked - the Internet. Not that you can get a virus through e-mail, although there have been several scares to that effect, the most famous of which is the "Good Times" hoax. Instead, it is the files attached to an e-mail which are likely to carry a virus.

Most of these are macro viruses that affect Microsoft Word or Excel users. They make use of the application's built-in macro features which automatically take care of repetitious tasks, such as counting the number of words. Best known is the Concept virus, which was created as a harmless warning to demonstrate the risks, but there are versions which can delete Word documents as they are opened or even wipe out your hard drive.

Virus-scanning software will check each floppy disk or CD-Rom before it will let you access it, but it doesn't automatically scan e-mail attachments; the first time you know you have been infected will be when your system crashes or files start disappearing, which may only happen two weeks later or on a designated date.

"It is very easy for someone to add a virus as an attachment to an e- mail. It has actually entered your system before any standard security checks can spot it, unless you read every message and scan it as it comes in. However, a lot of viruses execute as soon as you open them," warns Denis Neavyn, general manager of Team 400, a highly secure e-mail service which is part of the Trinity Group.

Team 400 has recently introduced a new security system that automatically diverts all e-mail to a stand-alone system, where it decodes, scans and recodes them before delivering them on to the customer. The system uses several virus scanners and will stop any message that is infected, while support staff warn the recipients that a virus was being sent to them. The sender can also be warned, as the virus can be sent unwittingly, and their PCs might be infected without them knowing.

"Most people think their networks are safe from viruses, but if they do an audit, they may find they are riddled with macro viruses which have come in the back door through e-mails," says Mr Neavyn. This can be very costly, particularly for a big network, which will have to be shut down while each of the PCs are individually checked.

The system is available as a commercial service after a three-month trial involving 20 customers in Britain and Ireland, during which 30 such viruses were caught. "This might not seem a large number, but we've noticed that the numbers have been increasing even during the course of the trial, and believe the problem will grow as more businesses use the Internet," says Jonathan Mills, Trinity Group director.

Organisations involved in the trial, which included networks of solicitors and insurance companies, have first- hand experience of its value. "All of the corporate customers that we've introduced this service to have taken it," Mr Neavyn says.

How can home users stop getting infected? First, know your enemy. The US Department of Energy "Computer Incident Advisory Capability" keeps track of all viruses and can supply anti-virus software (http://ciac.llnl.gov/), as can Microsoft (http://www.microsoft.com), while members of AOL or CompuServe should also check out the virus forums on both services. Never accept attachments, or any other sort of files, from strangers. If you do get an attachment, save it straight to a floppy disk without opening it, and then scan it as normaln

Team 400 (http://www.team400.ie)

Comments