An end to global viruses - for good?
The Defence Evaluation and Research Agency (Dera), an agency of the Ministry of Defence, on Tuesday unveiled software that detects when a virus is attempting to send e-mails to all the names in your address book-which is how such bugs as ILOVEYOU and Kournikova caused such widespread havoc so quickly. The software requires you to authorize any such action, theoretically nipping global virus attacks in the bud.
The new software-named ::Mail - is a response to growing concern about the vulnerability of corporate and government computer systems to viruses. Dera's Simon Wiseman, who led Dera's software development team, said the group used Ministry of Defence experience with preventing confidential information leaks to come up with the ::Mail concept.
The ILOVEYOU virus caused chaos around the world last May when it overloaded the computer systems of large companies such as the BBC and Microsoft, and caused an estimated $3 billion of damage. In February an e-mail purporting to carry pictures of tennis star Anna Kournikova spread twice as fast as ILOVEYOU.
Despite their scope, however, such viruses are relatively simple, and all operate on the same principles: they encourage a user to open the e-mail and launch an attached Visual Basic Scripting (VBS) file (which may be disguised as an image file). On some PCs, the file may even be run automatically as soon as message is viewed.
The VBS file then causes the e-mail application to automatically send copies of the infected message to all the names in the user's address book. The message seems all the more innocuous because it is usually being received from an acquaintance.
Despite the apparent simplicity of Dera's solution, experts note that the problem has never been a technically difficult one--rather, it is a matter of encouraging users and companies to take the necessary steps. For example, if all Windows users turned off Visual Basic Scripting, viruses such as Kournikova would not be able to spread at all. Microsoft has been criticized for its failure to remove the Windows Scripting Host that allows VBS files to operate.
Ultimately the success of ::Mail will depend on whether users and organisations get around to using it. "It's not going to do anything at all unless people install it," said Jack Clark, European product manager with antivirus company Network Associates.