'37'

    According to a report released by Computer Economics, virus attacks cost organisations a total of $12.1 billion during 1999. It further adds that over the last three years there has been a major shift, as viruses have become far more malicious and specifically designed for destruction and damages. And the hackers are responsible for all the commotion in the cyberspace.

    The progenitor of the computer virus is the notorious breed of hackers who have unleashed cyber terrorism. They have been hacking lovelessly since 1950s. Earlier they used to design viruses to create a minor annoyance. Now they create it in a multitude of forms.

    Before 1960s, there were phone pranksters who had predilection for disconnecting and misdirecting calls. But with the advent of computers on the scene, the computer whizkids had an insatiable curiosity about how things worked. In those days computers were mainframe. It cost megabucks to run those slow-moving hunks of metal. Programmers had limited access. So the smarter ones created "hacks" i.e., programming shortcuts – to complete computing task more quickly. Sometime their shortcuts were more sophisticated than the original programme such as UNIX. It has been the best hack of all time, created in 1969 by Deenis Ritchie and Ken Thompson.

    In the 1970s, the cyber frontier was wide open. Hacking was all about exploring and figuring out how the wired world worked. The real hacking began in 1980s when IBM announced a new model - a stand alone machine fully loaded with a CPU, software, memory, utilities and storage. Yes, the Personal Computer. One could go anywhere and do anything with them.

    The great hacker war started when the Legion of Doom (LoD) was founded by Lex Luthor. It had the reputation of attracting the best of the best – until one of the gang’s brightest gang acolytes, Phiber Optik got separated and formed a rival group, the Masters of Deception (MOD). For two years they engaged in computer warfare – jamming phone lines, monitoring calls and trespassing each other’s private computers. And the end of the war meant jail to them.

    With the government online, the fun ended. US Congress passed a law enacted in 1986 called the Federal Computer Fraud and Abuse Act and showed that it meant real business.

    Even after enacting the law, Robert Morris came with his internet worm in 1988, crashing 6,000 Net- linked computers and was the first one to land up in jail under the Act’s computer-crime provision. Then came Kevin Mitnick breaking into Digital Equipment Company’s computer network and the Russian hacker who broke into Citibank’s computers. They ended up in jail and were fined hefty sums. And now the Philippino couple who came out with ILOVEYOU virus.

    People who are easily deluded were prey for this stroking of their electronic erogenous zone. The "ILOVEYOU" virus spread like wildfire from the Far East through the financial and political centres, crippling such bastions as the Dow Jones Newswires, the Asian Wall Street Journal, the British Parliament and the United States Congress.

    There is a saying prevalent in the computer underground "If you are a good hacker, everyone knows your name. If you are a great hacker, no one knows who you are".

    The malicious attacker, which invades computer system, has been labelled differently for it is polymorphic in nature, i.e., Trojan Horse, worm and virus. And here the name does matter as different diseases call for different diagnosis.

    The most elementary form of malicious code is the Trojan House. Like its name it puts up an interesting screen saver but conceals a destructive purpose that is destroying files and creating a backdoor entry point that enables an intruder to access the system. A Trojan Horse programme, however, does not propagate itself from one computer to another unlike a virus or worm.

    A computer virus acts as a human disease-carrying virus. It infects programme files and when the infected programme runs, the virus code infects new carriers, i.e., other programme files. So when a user or some infected storage media moves from one machine to another, the virus spreads rapidly.

    The worm is equally disturbing. It is a self-replicating programme that resides in active memory and duplicates itself by means of computer networks. Worms infect operating system that is generally automatic and invisible to the user. They get noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks. At the time when cyber engineers were in the process of combating the ILOVEYOU virus, another NEW LOVE worm and its variants came into the scene which are deadlier than the former as there is no recovery of files and databases. While the latest LOVE bug is still on the prowl, it is reported that Melissa, the virus, is back wearing a new disguise "Resume". It is spreading through e-mail system using the Microsoft-Outlook programme. Several corporate e-mail systems had already been infected and some shut down. The virus is carried in a file attached to an e-mail with the subject "Resume-Janet Simons". And the hackers’ loveless computer love is responsible for these bugs.

    As a general rule of precautions, with a Trojan Horse users must be appropriately suspicious of executable files whose function is not known. With a virus, users must depend on system protection utilities to detect alterations to files that are not in normal user file directories and with a worm, network manages must detect suspicious traffic and take appropriate action before whole groups of users can be harmed.

    `Security experts recommend that computer users should regularly update their anti-virus protection software and back up their data.

    The global fight against computer viruses is on. In the wake of the latest e-mail virus, "NewLove" or "Spammer" security and e-mail companies are proposing ways to relieve computer users of the burden of fending off attacks the world over.

    Pelican security’s safe T-net is designed to prevent damages from viruses, worm and malicious code that can come in the form of e-mail attachment, macro, Active X and Java programmes and applies on Windows system. The software is being beta tested, and a commercial version is available from May 30, 2000.

    Trend Macro is developing a solution that would allow Internet and application service providers to scan their customers’ e-mail for viruses before they reach their computers. US West scans viruses for about 70,000 users. British telecom is also planning to offer the same service. Companies specialising in outsource messaging, such as Critical Path, Compaq’s e-mail server management division and the Allegro subsidiary of Mail.com, are offering antivirus scanning as part of their wider management services.

    Similarly, the Network Associates Inc. has launched a new B-to-B service called mycio.com, which allows enterprises to click on its site for a check of their servers’ vulnerability. Just enter an E-mail and IP address and mycio.com reports back as to whether the server is vulnerable to the receipt of foreign attack codes and whether any foreign attack code presently resides and is running on the server.

    In the Indian context, HCL-Comnet-India’s number one VSAT solutions provider has announced a secure Enterprise Connectivity forum in Mumbai, Bangalore and Delhi. The forum will be co-sponsored by CheckPoint, Security Dynamics, NetPartners and WebTrends – world leaders in enterprise security solutions.

    In a new initiative to address the security threats brought about by the widespread use of Internet in business, HCL Comnet systems & Services Ltd. announced the launch of E-Secure in India. E-Secure is a division of HCL Comnet and offers security solutions across the globe. It offers a range of comprehensive security solutions and policies which cover the large enterprise as well as medium businesses.

    To address the need, the company introduced a set of policies like Authentication Policy, WatchDog Policy, Screening Policy, Access Control Policy, Data Integrity Policy, Remote Access Policy and BandWidth Optimisation Policy.

    HCL Comnet will provide consultancy to help organisations become aware of their security needs covering areas such as Enterprise Network Security, Internal Security for Banks, E-commerce and security for ISPs.

    Responding to the recent flurry of incapacitating attack on various major websites, the computer security and e-mail companies have joined hands and vowed to fight it together. So with a considerable global awakening, no doubt, two years from now anti-virus industry will have a better face in the cyber world with a hope to ensure a secure computer environment.