Stemming cyber attacks

By Byron Acohido and Michelle Kessler
USA Today

Jin Fang and Vince Borghese troubleshoot the Campus Network Hub at the University of Toronto after the Blaster worm and SoBig.F e-mail virus overwhelmed the school's computer system. Gannett News Service Protecting your PC Tips for avoiding Net security threats: Install anti-virus software; keep it current. Install security patches for your software, provided by the companies. Microsoft, for instance, offers patches for the Windows operating system at windowsupdate.micro soft.com or microsoft.com/ security. Be wary of e-mail attachments and downloads from the Internet. If you have broadband Internet access, consider a firewall program to keep hackers from taking over idle computers. Use difficult-to-guess passwords. Make backups of important files. — Sources: CERT Coordination Center, McAfee Security

And it is likely to "get a lot worse before it gets better," predicts Steve Larsen, CEO of computer security firm BigFix. "Existing solutions (to deflect worms and viruses) do not protect large enterprises or consumers."

The problem is multifaceted, software and security experts say.

• Feature-rich software programs written to run on PCs have endless security holes when exposed on the Internet. Despite launching a "trustworthy computing" initiative last year, Microsoft issued 72 security patches last year and 32 so far this year.
• Worm and virus writers are exploiting holes faster than ever, with potent self-propagating worms and e-mail viruses that spread as readily as spam. Blaster, also known as LovSan, started invading Web-connected PCs using the Windows XP and Windows 2000 operating systems on Aug. 11. It came through a security hole for which Microsoft issued a patch 26 days earlier.

Users share responsibility

Meanwhile, the onus is on companies and consumers to keep up with anti-virus updates and security patches. That's not likely to change until software buyers vote with their wallets.

Staying current costs companies hundreds of thousands of dollars a year. And the cost is rising every day, says Graham Cluley of anti-virus firm Sophos.

Blaster was followed by SoBig.F, the sixth variant of a recurring e-mail virus that uses infected machines to spread spam. At t its peak, it multiplied e-mail traffic by a factor of 20, deluging e-mail systems.

Backbone held up

Through the attacks , the Internet backbone remained solid, and no critical systems were threatened. That's because federal agencies have worked with industry players since the Sept. 11 terrorist attacks to protect critical infrastructure, says David Wray of the Department of Homeland Security.

Many companies and home PC users have not exercised the same vigilance, experts say.

Some security experts want to shift the burden to software makers. Homeland Security "is leading an effort to have software developers consider security and build it into software from the very beginning — not as an afterthought," Wray says.

Microsoft gives Windows users the option of enabling a firewall or installing patches downloaded from the Internet.

But Paller says AOL Time Warner has a better approach. AOL includes a firewall and anti-virus protection in its Internet connection software, and aggressively prompts users to install updates and patches. When SoBig.F hit, AOL blocked 23 million infected e-mails.

In the wake of Blaster and SoBig.F, Microsoft is "seriously looking into" requiring Windows users to activate a pre-installed firewall and to accept automatic patches, says Mike Nash, Microsoft vice president of security.