The Internet is going, to Worms that is

1999-06-12

We might still be waiting for Cyberspace, but as far as electronic phages are concerned, Science Fiction has well and truly become hard fact. William Gibson was credited with the former, but the concept of viruses and worms first reached popular fiction ten years earlier, in the novel “The Shockwave Rider” by John Brunner. Quote: “It could take days to kill a worm like that, and sometimes weeks”. This situation has been all too apparent recently, starting with Melissa, which has spearheaded a whole new wave of viruses such as the most recent (and the most damaging), Worm.ExploreZip.

Viruses have taken several forms since their early days. Most commonly, they used to “infect” executables and would propagate themselves when the executables were run (as well as offloading their ‘payload’, with whatever consequences that might have had). Recent examples have taken the form of Word or Excel macros, and now we have a new breed which exploits weaknesses in our email. There will be software patches and virus recognition updates, all well and good. Or is it?

The problem lies in prediction. Solutions to viruses come after the event, and in the case of Worm.ExploreZip, it is likely that several weeks will pass before it is eradicated. How does it work? It appears as an email attachment, and if it is run, it accesses your Exchange or Outlook address book to forward itself to anyone it can find. Was this problem predictable? No… well, possibly, someone just might have been able to work out a scenario such as this, preferably before the hackers did.

This isn’t a Microsoft-bash here. It is quite likely that similar problems exist in Lotus and Netscape products, to name but two. Users of non-Microsoft messaging, for once, can be thankful that they weren’t using the de facto products. However, lessons should be learned for future generations of all products which use the Internet as a communications medium. For example, as applications providers XML-enable their software, they should be asking the question “What’s the worst possible thing that could happen to someone using my software?” Risk scenarios should be developed, evaluated and countered. We can be sure that, if they’re not doing this, plenty of others will be. Nobody’s directly to blame - to quote John Brunner, “The medium is the mess-up.” All the same, vendors should be doing everything they can now, rather than leaving us overdependent on antivirus companies who have no choice but to provide solutions to problems only after they have occurred.

(First published 12 June 1999)