« Trenul cu vedere la ferestre | Main | Evolution of network attacks »
February 22, 2007
Catching fast worms
While going through my e-mail backlog, I came by a story on DarkReading. It seems that a group of researchers from the Penn State University have launched a startup which sells their newly developed worm catching technology.
Based on my statistics from Smallpot and MailPot, two honeypots I've developed during the past 4 years at Kaspersky Lab, fast spreading worms are a thing of the past. Actually, even slow spreading, network aware are more or less dying, being replaced by automatic hacking tools and direct network attacks. More about the death of network worms and the rise of targeted attacks in an article I have written for viruslist.com, scheduled for publishing next week.
I guess new ways to fight worms are always welcome, but unfortunately, I suspect those designed to catch fast moving malware will not very successful in the next 5 years. With Microsoft producing more secure versions of Windows and CPU developers trying to mitigate security issues in software through prevention of code execution in data segments, worms that spread automatically between computer systems might become a thing of the past pretty soon. They will be replaced by malware based upon social engineering techniques, malware that is exploiting the weakest link of any computer system: its user.
Posted by Costin Raiu at February 22, 2007 3:49 PM