Topic: MyDoomed doomed within two hours  (Read 1054 times)

0 Members and 1 Guest are viewing this topic.

Toasty0

  • Guest
MyDoomed doomed within two hours
« on: February 03, 2004, 10:34:02 am »
Sitting in a lounge chair glaring at his laptop computer, Ero Carrera hardly looks like someone in the frontline against computer worms and viruses, but appearances are deceptive: Carrera says he cracked the MyDoom worm in less than two hours.

"Just before midnight we started to get calls from all over, informing us that something big was going on," Carrera, in his mid-20s, said when recounting the events last Monday night when the MyDoom worm was first detected.

"Technologically however it was an easy one, not difficult at all," Carrera said.

Less than two hours after he first got his hands on MyDoom, thousands of his clients around the world had access to updated virus protection, effectively shielding them from the latest bug.

Carrera and a dozen colleagues work for the Finnish internet security firm F-Secure, one of a handful of teams worldwide that work at neutralising computer viruses.

Every day they let around 10 new viruses or worms - most of them harmless works done by amateurs - infect their computers in order to learn how they work, their characteristics, and how they can be eliminated.


   advertisement
   
   advertisement

But every now and then something spectacular comes their way, like last year's Lovsan, Blaster and Sobig, or this week's MyDoom, also know as Novarg.

Last Monday night, Carrera first ran MyDoom on an isolated computer to see how it worked. Then he decrypted and decoded the bug, breaking it up to learn what the individual parts did, thereby learning its characteristics.

Once that was done, it was easy to write detection software for it, he said, claiming he had completed the task in less than two hours at his Helsinki apartment.

But technology can only do that much, Mikko Hyppoenen, Carrera's boss, pointed out. The real reason why viruses cause havoc to computer systems around the world is human behaviour, he said.

"The virus outbreaks are not a technological problem, but a social problem. People never learn. Even when they are repeatedly told to not open any suspicious emails or attachments, they still continue to do it," he noted.

"The solution to this problem is simple - we have to stop the viruses before they reach the individual computer users, by having their internet service providers intercept and remove the infected files."

But this again is illegal in many jurisdictions, and while the internet is global, the legislation of individual countries connected to the internet is not, providing a lot of local variations and loopholes, Hyppoenen said.

In most Western countries there is a ban on spreading viruses, but not in some African and Pacific countries. As a result viruses are frequently released there with impunity, often having been created elsewhere, he noted.

But whatever the legislation, the origins of computer viruses are usually undetectable, and will remain so for the foreseeable future, he said.

In 1991, when Hyppoenen first started cracking viruses, there were about 300 of them. Today, more than 12 years later, there are about 90,000, and the next epidemic could strike anytime.

Until then Carrera and his teammates will sit in their comfortable lounge chairs, eating junk food and passing time by surfing the internet and playing computer games, but never forgetting that the next battle may be just moments away.


http://www.theage.com.au/articles/2004/02/02/1075570331680.html

Hmmmm....the smoke eater syndrom?  

Toasty0

  • Guest
MyDoomed doomed within two hours
« Reply #1 on: February 03, 2004, 10:34:02 am »
Sitting in a lounge chair glaring at his laptop computer, Ero Carrera hardly looks like someone in the frontline against computer worms and viruses, but appearances are deceptive: Carrera says he cracked the MyDoom worm in less than two hours.

"Just before midnight we started to get calls from all over, informing us that something big was going on," Carrera, in his mid-20s, said when recounting the events last Monday night when the MyDoom worm was first detected.

"Technologically however it was an easy one, not difficult at all," Carrera said.

Less than two hours after he first got his hands on MyDoom, thousands of his clients around the world had access to updated virus protection, effectively shielding them from the latest bug.

Carrera and a dozen colleagues work for the Finnish internet security firm F-Secure, one of a handful of teams worldwide that work at neutralising computer viruses.

Every day they let around 10 new viruses or worms - most of them harmless works done by amateurs - infect their computers in order to learn how they work, their characteristics, and how they can be eliminated.


   advertisement
   
   advertisement

But every now and then something spectacular comes their way, like last year's Lovsan, Blaster and Sobig, or this week's MyDoom, also know as Novarg.

Last Monday night, Carrera first ran MyDoom on an isolated computer to see how it worked. Then he decrypted and decoded the bug, breaking it up to learn what the individual parts did, thereby learning its characteristics.

Once that was done, it was easy to write detection software for it, he said, claiming he had completed the task in less than two hours at his Helsinki apartment.

But technology can only do that much, Mikko Hyppoenen, Carrera's boss, pointed out. The real reason why viruses cause havoc to computer systems around the world is human behaviour, he said.

"The virus outbreaks are not a technological problem, but a social problem. People never learn. Even when they are repeatedly told to not open any suspicious emails or attachments, they still continue to do it," he noted.

"The solution to this problem is simple - we have to stop the viruses before they reach the individual computer users, by having their internet service providers intercept and remove the infected files."

But this again is illegal in many jurisdictions, and while the internet is global, the legislation of individual countries connected to the internet is not, providing a lot of local variations and loopholes, Hyppoenen said.

In most Western countries there is a ban on spreading viruses, but not in some African and Pacific countries. As a result viruses are frequently released there with impunity, often having been created elsewhere, he noted.

But whatever the legislation, the origins of computer viruses are usually undetectable, and will remain so for the foreseeable future, he said.

In 1991, when Hyppoenen first started cracking viruses, there were about 300 of them. Today, more than 12 years later, there are about 90,000, and the next epidemic could strike anytime.

Until then Carrera and his teammates will sit in their comfortable lounge chairs, eating junk food and passing time by surfing the internet and playing computer games, but never forgetting that the next battle may be just moments away.


http://www.theage.com.au/articles/2004/02/02/1075570331680.html

Hmmmm....the smoke eater syndrom?  

Toasty0

  • Guest
MyDoomed doomed within two hours
« Reply #2 on: February 03, 2004, 10:34:02 am »
Sitting in a lounge chair glaring at his laptop computer, Ero Carrera hardly looks like someone in the frontline against computer worms and viruses, but appearances are deceptive: Carrera says he cracked the MyDoom worm in less than two hours.

"Just before midnight we started to get calls from all over, informing us that something big was going on," Carrera, in his mid-20s, said when recounting the events last Monday night when the MyDoom worm was first detected.

"Technologically however it was an easy one, not difficult at all," Carrera said.

Less than two hours after he first got his hands on MyDoom, thousands of his clients around the world had access to updated virus protection, effectively shielding them from the latest bug.

Carrera and a dozen colleagues work for the Finnish internet security firm F-Secure, one of a handful of teams worldwide that work at neutralising computer viruses.

Every day they let around 10 new viruses or worms - most of them harmless works done by amateurs - infect their computers in order to learn how they work, their characteristics, and how they can be eliminated.


   advertisement
   
   advertisement

But every now and then something spectacular comes their way, like last year's Lovsan, Blaster and Sobig, or this week's MyDoom, also know as Novarg.

Last Monday night, Carrera first ran MyDoom on an isolated computer to see how it worked. Then he decrypted and decoded the bug, breaking it up to learn what the individual parts did, thereby learning its characteristics.

Once that was done, it was easy to write detection software for it, he said, claiming he had completed the task in less than two hours at his Helsinki apartment.

But technology can only do that much, Mikko Hyppoenen, Carrera's boss, pointed out. The real reason why viruses cause havoc to computer systems around the world is human behaviour, he said.

"The virus outbreaks are not a technological problem, but a social problem. People never learn. Even when they are repeatedly told to not open any suspicious emails or attachments, they still continue to do it," he noted.

"The solution to this problem is simple - we have to stop the viruses before they reach the individual computer users, by having their internet service providers intercept and remove the infected files."

But this again is illegal in many jurisdictions, and while the internet is global, the legislation of individual countries connected to the internet is not, providing a lot of local variations and loopholes, Hyppoenen said.

In most Western countries there is a ban on spreading viruses, but not in some African and Pacific countries. As a result viruses are frequently released there with impunity, often having been created elsewhere, he noted.

But whatever the legislation, the origins of computer viruses are usually undetectable, and will remain so for the foreseeable future, he said.

In 1991, when Hyppoenen first started cracking viruses, there were about 300 of them. Today, more than 12 years later, there are about 90,000, and the next epidemic could strike anytime.

Until then Carrera and his teammates will sit in their comfortable lounge chairs, eating junk food and passing time by surfing the internet and playing computer games, but never forgetting that the next battle may be just moments away.


http://www.theage.com.au/articles/2004/02/02/1075570331680.html

Hmmmm....the smoke eater syndrom?