By Y.P. Rajesh
NEW DELHI: Computer systems can never be fully protected from viruses or
hackers as the brains behind such attacks are always a step ahead of security
measures, experts said on Wednesday. Computer users and security system managers
can, however, identify vulnerable sections of their systems and prevent
repetitions of the same crime, they said.
"The bad guys out there are getting cleverer. And nothing is 100 per
cent secure," said Joy Ghosh, India head of Symantec Corp , a leading
provider of security software and services. "Earlier you had to click on an
attachment to an e-mail to activate a virus but now there are viruses which get
activated if you just open the e-mail," Ghosh told an Internet conference.
Experts said tech loopholes could exist across a range of systems that
include desktops, large networks, software and even modems. California-based
Computer Economics, an independent research firm, said last month the worldwide
cost of virus attacks on information systems totaled an estimated $10.7 billion
between January and August.
But that was before computer systems around the world were struck by the
Nimda virus this month which slowed down the Internet and computer networks,
exposed data and made infected machines vulnerable to future hacking by
installing so-called "back doors". Computer Economics said the cost of
virus attacks was $17.1 billion for all of 2000 and $12.1 billion in 1999.
While virus attacks are widely publicised and their dangers shared, hacking
of corporate computer systems are not as companies hate to admit their systems
were hacked, Ghosh said. "From our side of the table, we see it happening
all the time," he said.
S.V. Ramana, vice president for Systems Engineering at Cisco Systems' Indian
unit, said firms focused only on recovering the data they lost after a hacker
attack instead of taking steps to prevent a repetition of such attacks as well.
Attacks on computer systems in a firm by its employees were common and they
could be prevented if security managers maintain a high vigilance on users,
Ramana said. "They have to look out for any unusual computer activity and
also see if employees are trying to gain unauthorised access," he said.
"If this system works well then employees can't be doing what they
shouldn't be," Ramana said.
(C) Reuters Limited 2001.