Cyber crawlers get smarter

CIOL Bureau
Updated On
New Update

LAS VEGAS: Internet worms that spread themselves through corporate networks or e-mail programs, wreaking havoc on thousands of computers, are growing faster, smaller and more virulent, a security expert said on Sunday.


One theoretical attack could be so-called "flash worms" designed to spread across the Internet in as little as 15 seconds by splitting themselves into ever smaller pieces to infect as many computers as possible, Jonathan Wignall, chairman of the U.K.'s Data and Network Security Council warned on Sunday.

Another potential threat is a worm that spreads so slowly that no one notices it has even arrived, Wignall said following a speech to a major computer security conference this weekend.

The worm might slowly build a large infection base, which could be activated in the future, he said on the sidelines of DefCon, a three-day gathering in Las Vegas that drew 5,000 security experts to the largest annual conference for Internet defense.


Worms are a more virulent form of computer virus because they seek out new computers to infect on their own rather than needing to piggyback on other programs to propagate.

Internet worms typically spread through e-mail programs, like Melissa in 1999 and Love Letter in 2000, or through holes in software, like Code Red and Nimbda in 2001, which exploited flaws in Microsoft Corp. programs.

Another type of attack, so-called companion worms, could potentially carry other worms with them, Wignall predicted. "This would enable a worm to cross platforms," from Windows to Unix, for example -- something rarely seen to date, he said.


Another way worms could spread is through music-sharing networks such as the popular Kazaa, through which individual computer users can exchange digital songs and other data.

"You (would) have a worm which talks to other copies of the worm," he said. Such worms could even update their own code across the network to make them resistant to anti-virus defenses, Wignall said.

This would amount to a "decentralized infestation on the network," akin to the science fiction scenario depicted in the recent Hollywood movie Terminator 3, which features Sky Net, a U.S. military intelligence computer which burrows into and eventually takes over every computer connected to the Internet.

In yet another type of attack, centrally controlled worms would be distributed quickly to other machines by targeting specific Internet addresses. These would include a trigger to activate at a specific date and time, said Wignall.

© Reuters