In the late '80s, the NSF rejected a proposal by university professor Fred Cohen to further research the computer virus -- a term he coined in 1984 to describe a program that can "infect other programs by modifying them to include a possibly evolved copy of itself".
Today, the anti-virus market is a vibrant sub-economy of the IT sector, employing thousands of workers in a business worth billions.
One company trying to gain a foothold in this lucrative market is Korean anti-virus company, Hauri.
The company already operates in the United States, Brazil, Mexico, Japan, China, Europe and Singapore but has kept a low profile since its inception five years ago. According to Seok-Chul Kwon, president and CEO of Hauri, it hopes to establish an office in Australia by 2006 as part of its global expansion plans.
Kwon is determined to improve the company's brand recall and profile of its flagship product, ViRobot. He spoke with ZDNet Australia  about how security products should  work, the impending competition from Microsoft in the anti-virus market, and why current virus eradication procedures are archaic.
When Hauri was established in 1998, there were several well-established anti-virus players in the marketplace such as Symantec, Trend Micro, Computer Associates, Sophos, and F-Secure. Why did you decide on the anti-virus space?
When I was working at the Korean Information Security Agency (KISA), I realised that the trend in virus attacks was moving from DOS (16 bit) towards the Windows environment (32 bit). I also realised that the innovation behind anti-virus solutions slowed tremendously because of that. In the early '90s, when Norton and McAfee first came out, there was a great deal of innovation. But later, there was an imminent need to move up to the next technology level -- in the new operating system and network environment -- in the anti-virus market.
In 1998, I left KISA and started Hauri with four other founding members. We basically self-funded our company. Many people in Korea thought we were out of our minds when we established Hauri. Never mind the global giants like Norton [Symantec] and McAfee, in Korea at that time, we had Ahn Lab's anti-virus solution with over 95 percent of the Korean market.
However, our foresight was proven right when Hauri became the only company able to eradicate the CIH virus from memory in real time and without false positives. Although we warned the public about the huge risk of how CIH destroyed the BIOS on the motherboard, very few believed us. As a consequence, several million computers 'died' the same day -- except our customers' computers. This incident validated our technology throughout the Korean market and made us a formidable anti-virus vendor. Now, we have the second-largest selling anti-virus product in the Korean market.
Can you highlight the main challenges for an Asian company breaking into the US/global market?
As a non-English speaking Asian company, especially in the software market, the barrier to penetrating the US (and global) market is enormous. Brand recognition is the most important factor. To win accounts in the global market, we had to have a story to tell. Why should you use ViRobot? What are our key differentiating factors to win business? How do we compete against the big players already in the marketplace?
There is a tremendous amount of educational work ahead of us. However, we are overcoming the brand recognition issue by going to these markets and having our technology go through 'proof of concept' testing, validation testing and market standard certification. And we have worked on forging new partnerships. We have accomplished all this in a relatively short time since expanding outside Korea in 2002.
Our anti-virus solution, ViRobot, has been awarded major certifications including CheckMark 1, 2, and Trojan, Virus Bulletin VB 100% in 2003, and MS XP Logo just to name a few. Our partnerships, among others, include Microsoft Virus Information Alliance (VIA) along with nine other major anti-virus vendors and Phoenix Technology's ISP Trusted Network Partnership.
We have key account wins in the US and have had great deal of success in penetrating that market, and we've done especially well in the Latin American market. Overall, our account wins in the global market have been tremendous.
Hauri was established in March 1998 but we only started hearing about the company of late. Why have you been so quiet?
We cannot claim to be one of the best anti-virus solutions until we have the leverage to do so. We have been working tirelessly to get up to speed with our virus sample library. It took us quite a while to get all the major US market certifications. Our partnerships in the US and global market have come together within the last 18 months. We are now ready to make the move to compete on a bigger scale. With our key account wins in the US and the global market, we feel we are ready, and as a result, we are making tremendous efforts with our marketing campaigns to get the recognition we deserve.
In Asia-Pacific, you have offices in Singapore, Korea, Japan and China. When do you plan to open an office in Australia?
We plan to establish an Australian office within the next 12 to 24 months. Australia and New Zealand are one of the fastest growing anti-virus markets ... we are looking to establish our offices either in Sydney or Melbourne.
What's the difference between your products and those of Symantec, Trend Micro, and others?
Looking at the market today, the major focus is on scanning and detecting viruses 100 percent. No doubt, this is very critical. However, there really is no completely foolproof way of preventing viruses from breaching the security of any organisation.
Take a look at the amount of damage caused by virus attacks. The Nimda outbreak in 2001 caused over US$635 million worth of damage worldwide. Blaster in 2003 had a damage of approximately US$1 billion, and most recently, MyDoom caused over US$1.3 billion in damages worldwide. The lion's share of money and manpower is spent on eradicating viruses only after the fact -- once the viruses have infected the systems.
We seriously question the policies and methodologies of eradication procedures. Once you have an infection, why not eradicate the virus in real time -- without having to quarantine and/or delete the infected files? Why do you need to download separate cleaning utilities to eradicate viruses? It's a procedure that can be very time consuming and tedious, requiring a reboot of mission critical systems. Why do you have to go through several layers of procedures to eradicate viruses, even the ones from two to three years ago? That doesn't make sense to me.
Our engine has such a small footprint that it takes minimal system resources and CPU usage during system scan. In the enterprise environment, we have shown that critical servers can be scanned during peak performance during regular business hours. These are just some of our value propositions purely from anti-virus engine perspective.
If you look at our enterprise environment, what the network administrator needs is a totally integrated solution package, to have a better grip on their environment. Hauri's central console management offers seamless deployment strategies, coupled with a robust and scalable solution which offers complete control from a central location.
Microsoft is about to roll out its own anti-virus software based on technology developed by GeCad, a Romanian company the software giant
acquired last year. Do you view this as a threat to your busines?
Obviously, this is not a total surprise. However, my view is this: the best-of-breed technology and innovation come from companies that are thinking outside the box.
Integration to create total solutions doesn't automatically mean the best product. Additionally, I doubt the market acceptance of a Microsoft anti-virus product. They will sell anti-virus products to protect the operating system they built from being attacked by virus and hackers? I feel there is a conflict of interest.
However, we're not worried about whether Microsoft comes out with an anti-virus solution or not. We just have to make sure that we offer the best of breed anti-virus technology. This is our company's main focus.
Some believe that users go undefended against viruses because anti-virus applications keep getting more expensive. Do you think basic
anti-virus software should be free?
If we are only talking about scanning and detecting viruses, I would say it can be and should be offered at no expense to consumers. But in reality, when the eradication procedures are involved, there is a charge for consumers from all major anti-virus vendors. I think as a general policy, each and every computer system should come with an anti-virus solution for the first 12 months of purchase.
However, I think every user has to be responsible for updating their anti-virus solutions. As an anti-virus developer and vendor, we have the responsibility to provide the best anti-virus solution possible and that doesn't come cheap.
Do you think the multi-million dollar fund set aside by Microsoft to reward people who provide information about the creators of worms and
viruses is paying dividends?
The mindset of a virus writer is to always 'out-do' the previous virus. We see the viruses becoming more complex and an increase in collaboration between virus writers to create more malicious code -- as witnessed in the recent 'boxing match' between competing hackers of the Netsky and Bagle families.
To date, I haven't seen any dividends from Microsoft's initiative but only time will tell.