Google Security Spotlight: July Virus Attacks
My last few posts discussing the recent viral and trojan email spam that I’ve been receiving coincide neatly with the latest post on the Google Enterprise Blog.
However, my experience of warnings and security alerts from Secunia and ESET shows how fluid the virus maker’s “selling” activity is, and how we must keep on constant alert to keep the bad guys at bay, even though it’s been quite a while since a really decent threat appeared.
So what am I trying to say here?
Simply that the perceived threat in the Google chart above bears little relation to the actual level of threat reported by security professionals.
For instance, Secunia has for months now reported only green/yellow/orange mail alerts to me for everything with the sole exception of the odd red alert for Microsoft vulnerabilities in its core operating systems and software – i.e. Windows and Office. These I update immediately.
As I speak, the top vulnerability on their virus radar website is a virus from 2004, the ZafiB worm!
Netsky is second!
What this means is that because of the lax way that Microsoft has built and marketed their products to become the statistical mode OS in the world, that is,
- the triumph of form over function …
- and the triumph of style over substance …
- as a means to sell as much product as possible …
- to the “lowest common denominator” customer …
- who has a limited computing skill set …
… the world is awash with flaky software, so that even though all machines should, by now, be updated, it simply isn’t being done.
That’s the only reason that 4-year-old threats are still top of the list.
Peer to Peer (p2p)
Interestingly, a prime method of distribution of most of these old dodgy viruses/Trojans/worms is p2p software.
This demonstrates the low skill set and/or morals of a large portion of the computer-using public. They spend their lives cracking and downloading and thus spreading the malware to an ever-increasing low-skill user base.
There’s so much downloaded that surely, there isn’t the actual time in their lives to actually watch/listen/use the stuff (John Hall – please note!). So therefore, it’s a business.
This point was again brought home to me recently in a conversation I had with a blogger who posts links of cracked and copyright material on his website under the guise of “spreading the message of good music”. This related to stuff from Crawling Chaos here, https://crawlingchaos.co.uk/discography/gas-chair-clown-aka-the-gas-chair
So it starts off with lofty Microsoft and their low business morals and finishes with lowly Jim et al and their low personal morals.