Oh, It’s SoBig!

Thomas Terranova

Are Viruses, Worms, Trojan Horses, and Spam the new Four Horsemen of the Apocalypse? Most people love drama, especially when it doesn't take too much of a personal toll on them, and hackers, anti-virus companies, service providers, and individual users are no exception...

If it weren't for things like SoBig—the latest Internet virus to gain international infamy—what would we talk about? Imagine—we might actually be forced to face some real issues. As SoBig filled up mailboxes around the world, angry businessmen began furiously tapping their feet and counting up the virtual pennies they were losing to email inefficiency. While a few large Internet businesses were legitimately crippled, the reality is that most of us didn't suffer significantly. Perhaps you had to spend 30 seconds deleting spam before you could read your email. Irritating, but hardly worth a panic.

Media hypesters would like you to believe that the four horsemen of the Apocalypse have finally arrived: Viruses, Worms, Trojan Horses, and Spam. This cartoonish quartet is constantly hailed as the bringer of doom, but somehow we always seem to defeat them. It's like a huge virtual cartoon being played out as entertainment for a bored Western world. While people in underdeveloped countries struggle to find water or to fight real viruses without medical care, we're all busy whining that spam and telemarketers ruin our lives.

Will viruses and worms topple the Internet? No. The Internet is like a huge living entity composed of many independent systems working in concert. Like biological viruses, computer viruses can attack and weaken various systems. They may even bring the whole damn thing to its knees—like a bad case of the flu—but eventually the system will repair itself. This is not to say that we should have a pacifist attitude. It's very important for people to speak out against viruses and other virtual maladies, to fight them and create cures for them. But it's also important for hackers and hobbyists to engineer new viruses and to exploit every new weakness they can find. These constant attacks protect us by keeping us on guard. Like the common colds that afflict us all from time to time, the occasional email virus serves to stimulate our virtual immune system. If the manufacturers of virus software weren't constantly scrambling to address new threats, their technological edge would dull and hacker attacks would become a real threat. We should treat hackers like intellectual, flash-in-the-pan celebrities, not like arch criminals.

Hackers, anti-virus companies, service providers, and individual users are all intertwined in a deeply symbiotic relationship. It would be wonderful to discard all the melodrama of each big virus "crisis" in favor of a more rational view, but that seems unlikely. Most people love drama, especially when it doesn't take too much of a personal toll on them. It's pure Schadenfreude to hear about corporations suffering or to talk about hackers and the ever-imminent "email apocalypse." It may be that this drama plays an important role in giving the whole symbiotic relationship some momentum, like the catalyst for a chemical reaction.

So should you be afraid of these four horsemen? No. But if it helps to motivate you into protecting yourself and staying informed, go ahead and be afraid. It's okay. I'm here for you.

What’s Next?
Have we seen the worst that malicious code writers can muster? Hardly. Here’s a glimpse at some of the enemies who will make our online future more dangerous:

Chimeras: Expect to see viruses that can jump from one platform to another—in the same way that SARS jumped from rat to bird to human. Simile.D was one of the first simple lab viruses to affect both Windows and Linux, but further advances in this area will happen with unexpected speed.

Mutations: Although it's been used already, virus authors will continue to incorporate varying levels of mutation into their creations. As a virus spreads, most offspring will be very similar, allowing them to be digitally profiled and quarantined by anti-virus programs. However, a portion of the offspring will feature radical mutations and adaptations.

Anti-Heuristics: As anti-virus programs improve their heuristics—their ability to identify previously unknown viruses based on their behaviors or qualities—expect to see viruses that can outthink and even exploit these engines. The more detection systems grow in complexity, the more vulnerable they themselves become.

Despite the best anti-virus protection in the world, the greatest weakness is always going to be human curiosity. If the person who disseminates a virus in an email—the most crude and obvious mode of infection—can just manage to get inside your head, they can tempt you into opening almost anything...