BBC NEWS Americas Africa Europe Middle East South Asia Asia Pacific

BBC News World Edition
 You are in: Technology  
News Front Page
Middle East
South Asia
Talking Point
Country Profiles
In Depth
BBC Sport
BBC Weather
Friday, 25 October, 2002, 08:55 GMT 09:55 UK
The battle to control viruses
Sophos HQ, Abingdon
Inside Sophos' headquarter 75,000 viruses lurk
Anti-virus firm Sophos gets more calls about hoaxes than it does about any individual virus.

So much so that it now compiles a list of top ten hoaxes to sit alongside the top ten most virulent viruses explained Graham Cluley, Chief Technology Consultant at Sophos.

While hoaxes cannot actually do any damage to computers, they do use up valuable bandwidth, waste a good deal of resources and are therefore a nuisance.

"Adopt a paranoid attitude. Don't believe any virus warning from anyone," Mr Cluley advised on a recent day out to the Sophos UK headquarters near Oxford to see the damage viruses can do.

Joking aside

Graham Cluley, Sophos
Graham Cluley - 'be paranoid'
He is also keen to persuade users that they need to adopt a more sober approach to their online habits in order to avoid virus infection.

He warned that users often do not follow the basic rules necessary to avoid infecting themselves and others and urged for a bit more online caution.

"Is it worth sharing joke programmes? Rather than share it over the net why not wait until you get down the pub?" he asked.

With 800 new viruses showing up each month and samples of around 3,000 possible viruses being sent into the Sophos labs, it is easy to see why he takes the threat so seriously.

The self-styled anti-virus evangelist confessed that there are lighter moments to his work.

"I'm not supposed to have favourite viruses but some do appeal to my black sense of humour," he said.

Disk Destroyer, a virus first spotted in the early nineties, was one to bring a smile to his face mainly because it offered infected users a sporting chance of getting rid of the virus.

Users were invited to choose a number between one and 10. If they guessed right the virus would go away without causing any trouble for them.

The so-called Polite virus went one step farther, asking users permission to infect their computers.

Mischevious trojan

You are more likely to get beaten up by a member of Status Quo than get a mobile virus

Graham Cluley, Sophos

Generally though viruses are far more troublesome, ranging from trivial annoyances such as making one particular letter on the keyboard squeak every time it is used to more damaging payloads such as deleting files, wiping hard drives and compromising secure information.

Most infect unseen, leaving no trail, no message and only subtle clues such as a gradual slowing down of the computer's functions.

Playing around with the live viruses it is easy to see the attraction to virus writers.

Troj/SubSeven is known in the business as a backdoor Trojan - so-called Trojan Horses are different to viruses because, in simple terms, they do not spread themselves.

Instead Troj/SubSeven gives users remote access to another computer, allowing them to alter data in Excel spreadsheets as the victim types, freeze the use of the mouse and keyboard, as well as flip documents over, alter the clock and a whole range of other mischievous tricks guaranteed to give a new meaning to the phrase 'ghosts in the machine'.

Code breakers

Pink cables in Sophos lab
Pink cables indicate a 'dirty net'
The lab workers at Sophos are surprisingly laid-back considering they share the room with 75,000 viruses.

There are only 20 full-time virus fighters, spending their day staring at computer code and taking apart viruses.

While anyone who can point and click can potentially create a virus from the numerous kits available online, deconstructing them requires a whole different set of skills.

Mr Cluley compares the Sophos team to the World War 2 code breakers, and admits that they are not all conventional techies - one is an ex-vicar.

Pink cables trail around the office, distinguishing 'dirty' PCs - where viruses are isolated and studied - from clean ones.

Mobile threat

Some experts have suggested that the anti-virus fighters could soon have an even greater job on their hands with a wave of new mobile attacks just around the corner.

Mr Cluley thinks the threat of mobile viruses has been over-hyped.

"You are more likely to get beaten up by a member of Status Quo than get one of these," he said.

Although, with the threat of traditional viruses showing no signs of abating, the lab technicians will have plenty to do to keep themselves busy.

See also:

08 Aug 02 | Technology
04 Oct 02 | Technology
28 May 02 | Science/Nature
22 May 02 | Science/Nature
Internet links:

The BBC is not responsible for the content of external internet sites

Links to more Technology stories are at the foot of the page.

E-mail this story to a friend

Links to more Technology stories

© BBC ^^ Back to top

News Front Page | Africa | Americas | Asia-Pacific | Europe | Middle East |
South Asia | UK | Business | Entertainment | Science/Nature |
Technology | Health | Talking Point | Country Profiles | In Depth |