COMMENTARY--It's sad, but true. We'll see plenty of e-mail viruses in 2004, despite expectations that these pests would disappear in 2003. Here's why viruses won't go away--and how to protect yourself.When the MiMail.l e-mail virus appeared last month, it got little attention from the media. After all, it was only a minor variant of the MiMail family, and spread slowly across the Internet, right?
Well, it may not have been the most destructive worm ever, but it turns out that MiMail virtually shut down The Spamhaus Project and SpamCop, two sites where you can report spam abuses.
2003 was supposed to be the year to end e-mail-borne viruses, given that both MS Outlook and antivirus apps have become much better at stopping them. But in 2004, I expect to see more of these pests, especially more spam-related ones like MiMail.l, as professional spammers continue using them both to collect e-mail addresses and to distribute their messages anonymously.
MiMail.l wasn't the first worm involved with junk e-mail. As early as January 2003, antivirus experts noticed a worm called Sobig was aiding the sending of spam. By early summer of 2003, there was evidence that Sobig was building a network of what are called open proxies, systems that act as blind intermediary portals to the Internet.
By the time the Sobig.f variant came along in mid-August, the open proxy network created by earlier variants helped Sobig.f infect over one million PCs worldwide in less than 24 hours, making it the fastest spreading computer virus or worm on record. The August infection further expanded the open proxy network, giving future variants the ability to spread even faster.
Lists of these open proxies are quite valuable, and are bought and sold in chat rooms and elsewhere on the Net. This is largely because open proxies allow individuals to access the Internet through a remote system's IP address. For professional spammers, this sort of anonymous Net access is a must. It makes it difficult for law enforcement to track the vast quantities of messages spammers send back to their sources.
Large open proxy networks also help spammers get their messages out faster than sending them through one or two systems. In 2003, the e-mail security company MessageLabs found that two-thirds of the spam being circulated on the Internet was relayed through the use of open proxies.
Spammers use viruses for more than just creating open proxies. They use viral code to collect active e-mail addresses, too. In the past, spammers bought CDs containing both valid and invalid e-mail addresses, taking their chances that a profitable percentage would be live. But now spammers can infect computers worldwide with viruses that will send hundreds of thousands of active e-mail addresses back to the spammer within hours, then turn around and start flooding those addresses with spam.
MessageLabs predicts that spam will account for over 70 percent of e-mail traffic by April of 2004. Given that current antispam legislation is largely ineffective, the onus will continue to be on you and me to protect ourselves.
What to do? Well, fortify yourself, of course, as I've been saying throughout 2003 and will continue to say in 2004. In addition to running a good antivirus/firewall combination, such as Trend Micro's PC-cillin Internet Security 2004, on your system, I recommend installing a good spam blocker, such as Norton AntiSpam 2004 or Qurb. The antivirus/firewall app will keep your desktop from sending out spam without your knowledge, and the antispam app will help shield you from the onslaught of unsolicited, incoming mail.
I wish I could promise you that in 2004, we'll see the end of e-mail viruses and spam. Unfortunately, I expect to see even more.
But there is hope. In 2004, Microsoft will start rolling out changes to its Windows Server platform that the software giant says will limit the growth of spam. And by the end of 2004, companies participating in the US government's National Strategy to Secure Cyberspace are expected to make recommendations on how to limit the growth of viruses and Trojan horses, among other Internet maladies. It may be a little late, but better late than never, right? I hope I'll have better news for you in 2005.
What do you think? Do you think there's any way to stop e-mail viruses? Why or why not? Let us know at edit@zdnet.com.au.
2%
4%
