http://www.guardian.co.uk/uk_news/story/0,3604,477356,00.html
Stuart Millar, technology correspondent
Tuesday April 24, 2001
The Guardian
The days of the global email virus may be numbered. Ministry of
Defence scientists have developed software that could prevent
devastating, worldwide, mail-borne infections such as the infamous
love bug.
Amid mounting concern in government and industry about the threat from
virus-laden emails, the defence evaluation and research agency (Dera)
says it has produced a simple but effective way of containing
malicious viruses before they get the chance to spread to other
computers and cause real damage.
The ease with which a well-designed virus can circumnavigate the globe
was highlighted last May when millions of people received an email
with the heading ILOVEYOU. Within hours the virus in the email -
subsequently dubbed the love bug - caused an estimated 2bn of damage
as it immobilised computer systems, hitting large companies such as
News International, Microsoft and the BBC.
The virus, which was traced to the Philippines, was able to spread so
rapidly because its first act on being opened by unsuspecting users
was to send itself to every name in the users' email address books.
Since then email-borne virus attacks have increased, although none has
created the same chaos. The latest big outbreak was in February when
millions of people opened up a virus masquerading as an email picture
of the Russian tennis player Anna Kournikova; it replicated itself
around the world at twice the rate of the love bug.
These outbreaks have shown up the vulnerability of email systems. Even
the best security procedures can fail through computer users opening
their unsolicited messages and letting loose the virus.
The Dera software, to be unveiled today in London, is claimed to
provide the answer. Based on research to protect highly sensitive
government documents and computer systems from attack, the package
turns conventional anti-virus thinking on its head: instead of
attempting to stop the virus getting in, it prevents it from getting
out and damaging other machines.
The principle behind the software, named ::Mail, appears simple -
whenever users try to send an email, ::Mail shows a box on the screen
telling them what they are sending to whom, and asking them to confirm
the command. If the user unwittingly opens an infected email which
then tries to replicate itself, the box will appear, warning them that
the computer is trying to send emails. Although their own computer
will be infected, with a click of the mouse, they will be able to
prevent the virus escaping.
The new software is heavily protected from attack, removing the
possibility of virus writers producing a code able to override the
security.
Simon Wiseman, who led the team which developed the software, said
yesterday: "Because most of the work we do is for the MoD we're
experienced at preventing confidential information from getting out
when it shouldn't. This is an extension of that basic principle. While
every other anti-virus company has concentrated on stopping things
getting in, we are shutting down the propagation channels so that any
damage is contained in the machines of those opening the infected
message."
ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV@SecurityFocus.com with a message body of
"SIGNOFF ISN".
Received on Tue Apr 24 02:05 CDT 2001