In July UK-based anti-virus company Sophos said that it had detected and protected against 3,279 new viruses in the first six months of 2002. And during this period, the single most prevalent virus was Klez-H, which was first reported in March 2002. But in the same six-month period in 2001, the company said that it detected and protected against 6,127 new viruses, almost twice as many as this year.
More significantly, while the top ten viruses in the first half of 2001 included Badtrans (W32/Badtrans-A), Hybris (W32/Hybris-B) and a few other notable baddies, this period was before the arrival of Code Red, SirCam and Nimda, some of the most destructive bugs to hit the Net. By the end of 2001 the company said it had dealt with over 11,200 new viruses, worms and Trojan horses in the year.
Why virus activity has fallen off in the first half of the year remains unclear. But Bruce Hopkins, head of information security services at KPMG in Dublin, believes that a number of factors have contributed to the trend.
According to Hopkins, last year's highly effective virus attacks on computer systems have raised the bar for virus makers for two reasons. First, malware creators often want to create bugs that are entirely new and as time passes this becomes more difficult and subsequently fewer viruses appear. The second factor, which relates to the first, is that new anti-virus software and systems, put in place in the wake of last year's deadly worms and Trojan horses, are much more capable of coping with new threats.
Indeed, most new anti-virus software products are far more effective against so-called "script kiddies," or virus makers that build elementary worms and viruses using a common computer code, such as visual basic scripting. Furthermore, companies that were hit with some of 2001's worst computer attacks are now far more diligent in updating their e-security measures.
"It's not easy to say why things have slowed down, I just know there is less of problem than before," Hopkins told ElectricNews.Net. "This year, I am not getting the panicked calls from clients about major security breeches."
Hopkins did however note that the infamous Klez bug has done some notable damage this year, and that virus makers are continually looking at new ways to invade and corrupt systems. He pointed to a virus specifically designed to attack SAP systems as a sign that more trouble could be ahead. "The SAP virus didn't work, but eventually someone could come up with something that does," he noted. "The real test of the danger of a virus is how much damage it does in the few hours after its release [and before anti-virus measures are available]."
Moreover, e-security companies are often reluctant to say that the worst threats are gone because there is always potential for more dangers around the corner. And as always, their mantra remains in place; update e-security software and install patches as soon as they become available.