MALICIOUS SOFTWARE AND ITS IMPACT ON YOUR BOTTOM LINE

According to Forbes Magazine "The greatest threat to global cyber security today...may be your mother's computer". Josh Corman, an Internet Security Systems researcher, believes that the combined computing power of millions of outdated, unprotected computers can be used to attack business, government and private organizations. All these machines are commonly connected by the world's largest Wide Area Network, the Internet. That's not the real problem, though. It apears that in the last year all these machines have fallen under the influence of a single program. A strain of malicious computer software called Storm has been literally enslaving computers all across the planet. Spread by disguising itself as any number of e-mails that would pique human curiosity, the worm started out disguised as a news feed. Now experts judge that the number of computers infected could lie between fifteen and fifty million. What makes matters worse is the fact that the Storm bug has spread much like a terrorist organization. It has no central point of command. Instead, each computer acts like a terrorist cell, acting on it's own accord, but fullfilling an overall purpose.

Storm is scary, for obvious reasons. There is reason to believe it is actually under the control of it's creators. The bug has been used to perform denial of service attacks on researchers who are trying to analyze it. The worm is diabolical, operating in secret and often lying dormant for long periods of time. It is also polymorphic, changing its identity every 30 minutes in order to elude detection by anti-virus software. It also appears it can fool anti-virus programs into concluding they are operating normally, while having no effect on the bug whatsoever.

The major concern for secuity experts is the goal of the worm's creators. Is Storm a weapon? There are indications that the software is actually dividing it's hosts into groups, but to what end? Some suspect we are seeing the formation of a cyber extortion scheme of immense power capable of shutting down government web sites by flooding then with denial of service attacks. There is even speculation that the smaller groups could be formed into a kind of mercenary hit squad, or cyber guns for hire which could brought to bear on any company for the right price, shutting down their computer communications and possibly their operations.

The oddest thing about the bug is that it could be crippled by the simplest of security measures...Simply don't open that e-mail in the first place. As in many cases, it's the human element that forms the weakest link. Personnel have to become aware of the risk and responsibility the may lie behind that simple mouse click.

Unbelievable in its scope, the Storm worm sounds like science fiction. Then again, so did the Internet at one time.