‘Blended threat’ computer viruses

August 16, 2002

Email

WASHINGTON: You can never be too vigilant in your fight against computer viruses.

Just take the advice of self-proclaimed “computer guru” Brian Ludlow, a computer aided graphic designer in Washington, D.C. For a few days, for reasons Ludlow is loath to admit, the virus software he uses was uninstalled.

“That was a big mistake,” Ludlow told the German Press Agency dpa.

In no time, either through e-mail or by surfing the Internet, Ludlow’s PC contracted a virus known as W32.Nimda.E@mm. Ludlow’s hard drive started reading and writing data constantly, even when he was not using the computer. Initially, the computer specialist suspected the Microsoft utility such as Fast Find or Indexing Service was doing its job. But the activity never ceased.

After a day or so, applications started taking longer to load. Most troubling was that Ludlow also noticed his always-on Internet connection seemed to be transferring data even when he wasn’t surfing the Internet.

Finally, the worst happened.

“I came home to find my Windows 2000 system reporting that critical system files had been changed,” he said.

In a panic, Ludlow reinstalled his antivirus software and allowed it to start scanning his hard drive. Soon, thousands of infected files were discovered. He was saved only when he was able to restore a backup made earlier that week and allow the virus software to scan the restored files, which also contained viruses.

The story had a happy ending for Ludlow, but for the rest of us, the message is clear: Watch out.

“Viruses are getting more complicated all the time,” Kevin Haley, antivirus product manager at software maker Symantec, told dpa. “They’re using a whole range of tricks to get at your PC and your data.”

Th most potentially damaging viruses today have been given the moniker “blended threats” by antivirus specialists. The W32.Nimda.E@mm virus falls under this category.

These blended threat viruses can not only cause your PC to behave erratically but can also include software that allows hackers to gain access to your computer when it is connected to the Internet. Credit card numbers, bank numbers, passwords, sensitive e-mail, and other personal data are then up for grabs.

Some recent viruses, such as the Klez virus now showing up with frequency around the world, even carry their own e-mailing subsystems. With these, according to Haley, viruses can send out mail themselves, grabbing subject lines that you yourself have composed in an attempt to make the virus appear like a legitimate e-mail message.

Guarding against today’s sophisticated viruses is becoming complicated, even for computer professionals. That’s because the most sophisticated blended threat viruses can be leashed upon your system not only by opening attachments accompanying e-mail messages but also simply by visiting the wrong Web site.

That’s why antivirus experts recommend you take stricter measures than you might have in the past to protect yourself.

— Use antivirus software, and keep virus definitions up-to-date. Most major antivirus software makers today include features such as “live update” that automatically download the latest antivirus protection software to your PC. Although the major antivirus programs, including Norton Antivirus and McAfee VirusScan, can guard against some 60,000 known viruses, new ones are discovered on a weekly basis.

—- Close the preview pane in your e-mail program. Most e-mail programs, including Microsoft’s popular Outlook and Outlook Express, automatically display the text of an e-mail message in a preview pane when you click on the subject line. You can turn off this automatic display. Doing so will prevent some sophisticated viruses from running automatically as you click the subject line.

—- Consider a personal firewall. If a blended threat virus does make its way onto your PC and installs software allowing hackers to gain access to your sensitive data, the only way you can protect yourself is with a firewall. Personal firewall software will prevent unauthorized access to your PC through the Internet. Popular programs include Norton Personal Firewall (http://www. symantec.com/ sabu/nis/npf) and ZoneAlarm (http:// www. zonelabs.com).

Above all, though, don’t consider antivirus software an option. And once you have it, keep it up-to-date.

“Virus writers write viruses specifically to outwit antivirus software,” Haley says.—dpa