And although the threat they pose has been a latent concern for well over a decade, experts are now warning that a massive viral outbreak has the potential to seriously compromise the very backbone of such communication.
Within five days of its first appearance on July 12 this year, the Code Red worm had infected over 359,000 servers, causing a traffic jam severe enough to register an "orange alert" at the SANS (System Administration, Networking, and Security) Institute web site, which is one step away from what the institute describes as "Internet failure".
Code Red recruited unprotected Microsoft Internet Information Servers (IIS) as unwitting "zombie" crusaders in a denial of service attack on the White House, and reached an infection rate of 2000 servers a minute.
Finding themselves inundated with malicious junk mail, systems administrators at the US President's pad were left with no alternative but to change IP addresses, essentially dumping all communications, Code Red-generated or otherwise. Across the world, hundreds of thousands of servers were rebooted in an attempt to eradicate the RAM-based bug, and by July 20 active viruses deactivated themselves via a built-in kill pill.
However, Code Red did more than overload White House communications. In a disturbing twist, it also paved the way for a second round of attacks by what most anti-virus software vendors describe as this year's most prevalent virus: Nimda.
Appearing in mid-September, Nimda exploited a range of invasion techniques, including infecting Microsoft IIS servers weakened by the initial Code Red attack.
It spread through more mass mailouts, in which users did not even need to open the attachment for the virus to take effect. It also modified files found on Web servers, resulting in an infected file called readme.eml being automatically downloaded to unsuspecting Web site visitors.
In an apparent tribute to the back door left by Code Red, Nimda goes on to open additional security holes, weakening IIS servers in the face of future bugs and signalling the weakness to would-be crackers.
Paul Duckman, head of global support for anti-virus vendor Sophos, said that while the most destructive virus of 2001 was most probably Sircam, for its tendency to find and e-mail possibly confidential information, Nimda was the most prevalent.
"One of the things Code Red did was to exploit faults in Microsoft's IIS software, and leave another back door in its wake," Duckman said. "Nimda then exploited this back door, and left behind some of its own."
As this Code Red/Nimda tag race tore through servers throughout the world, virus experts were confronted with a new level of threat in which viruses were not only more sophisticated in terms of the way they spread, but virus writers were becoming increasingly sophisticated in terms of the way they played off each other's technology.
"We are seeing more cocktail viruses," said Allan Bell, senior marketing manager for anti-virus software vendor NAI. "Not only do they pose a combination of threats, they also use a combination of techniques to spread."

It's sad that people focus their efforts on producing code that damages rather than actually putting their skill to work in a constructive manner. Does writing a virus that destroys a stranger's work or crashes an IRC server really prove talent, ability or maturity... or is it the technological equivalent of scrawling your name on the side of a train?
It's putting the onus on to users to spend time and money on antivirus tools, and rely on the antivirus vendors to keep one step ahead (one of the better products at that from www.nod32.com.au) and implement firewalls (such as from www.tinysoftware.com) and other security / anti-intrusion mechanisms.
Outlook and IIS often have the finger pointed at them as exacerbating the problems, but Linux servers are just as vulnerable. The press 'slamming' of MS is often seen as legitimising the anti-social activities targeting the Win32 platforms.
The problem is, as the counter-measures get better the virus code will have to become more efficient, effective and stealthy... and to get the attention the juvenile writers desire the results of a successful infection will have to be 'bigger and better'.
The worst may well be yet to come, but there are a lot of things that responsible sysadmins, ISPs, AntiVirus vendors, and the press can do to reduce the hysteria-spinning, ego-pandering attention that is generated with each new virus.