The point with this latest virus was that it got past all the AV checks - had a different signature than a regular MyDoom. It spread to a large number of people before any AV solution was available.
There's been some discussion that some time this year we'll see a major email virus spread to millions of people within 10-20 minutes. They expect to see an IM type virus propagate to a similar number within 30 seconds sometime in the very near future. No way you or the AV companies can keep pace with those distribution rates. Takes at least a couple of hours for the virus to come up in their awareness and for them to develop and test a fix then make it available for distribution.
Most of us are used to depending on our local and upstream AV detection to protect us as long as we keep it current. With the new generation of extremely fast spreading viruses coming out, that will no longer be enough.
In the very near future, we'll have to be taking system restore points and backing up email address books on a daily basis. There's a need to reduce the detection, fix, and distribution time of the AV companies but it will still be measured in hours while virus distribution will be measured in minutes or seconds.
This latest virus was a wake-up call for me. Within 10 minutes of finding out about it, I was able to download an update from Symantec - even though they hadn't had time to update their main page with info about it (that happened about an hour later).
5 minutes after I had the update, it detected the new virus in an incoming mail - which told me that my web host - who uses two different virus checking products - didn't have time to update either of them.
The lesson I learned is that although I have two forms of upstream AV protection, and 2 forms of it on my local PC, it's not going to be enough. The chances of my getting a virus this year are substantially higher than in the past - it's no longer a matter of "if", but "when" and I need a better, more frequent, back-up and recovery scheme.