Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

Most people now know the drill when it comes to thwarting a computer virus. Receive an e-mail with a vague subject line? Trash it.

If only that were enough to keep the Internet free from the wanton devastation of Code Red II and Nimda, just two of the new automated menaces (both technically worms, rather than viruses) now infecting millions of computer networks. Security experts admit such attacks can’t be prevented entirely, but they say simulation technologies now in development might at least help network operators predict how their systems will respond to invaders, so they can prepare better defenses and contain the damage.

The latest rashes of corrupting code are particularly virulent because they don’t require any social engineering-a phrase used to describe how virus makers trick people into opening tainted e-mails-and can infect networks without anybody noticing. Code Red II scans the Internet for vulnerable Web servers and creates “back doors” that allow hackers to control the servers remotely, to date causing $2 billion worth of server downtime and Internet traffic jams. Nimda spreads automatically via shared files, Web pages, e-mail and other routes. Infected computers can be cleaned, but the worms spread with such speed and in such volume that networks can grind to a halt.

Security experts are working to remedy individual vulnerabilities, but they agree the virus makers will always be able to find new ways to intrude. “It’s no longer a question of How can we keep them from coming in?’ but What do we do now?’” says computer scientist David Fisher at the CERT Coordination Center, a government-funded research and development center for Internet security at Carnegie Mellon University. Fisher helped develop Easel, a software simulation tool that runs potential nightmare scenarios involving the likes of Code Red and Nimda. Using the collected data from previous attacks-how many servers were affected in what span of time, for instance-it creates reference models that computer security specialists can use to minimize damage in future attacks. They might, for example, configure a network to recognize a nascent infection and shut down affected servers before the virus can spread further.

The center recently released the beta version of Easel, and similar software is under development at companies such as McAfee and Symantec. “We can’t hope to stop them,” says Sam Curry, virus expert at McAfee, “but by knowing what might happen when they do hit, we can at least keep them contained.”

0 comments about this story. Start the discussion »

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me