"Are mobile phones safe from viruses?" "Should virus writers be punished?" "What's China doing about computer viruses?" These were some of the major topics discussed in the Fourth Anti-Virus Asia Researchers Conference, which took place on the 3rd and 4th December in Hong Kong. More than 150 information security officials from many governments, anti-virus technology specialists, networks and system administrators and anti-virus vendors exchanged views and professional knowledge on combating viruses. AVAR Conference was co-organised by the Association of Anti-Virus Asia Researchers and the Information Security Special Interest Group of the HKCS.
Vesselin Bontchev gave the first day keynote speech on the Responsibilities of the Anti-Virus Researcher. These are quite extensive, starting with meeting the technical challenges, education, co-operation, with other researchers and law enforcement, and ethical considerations.
Among the speakers on the first day was Jan Hruska, Chief Executive Officer of Sophos Anti-Virus, who brought along a thought provoking topic: Is virus writing really that bad? Dr. Hruska answered in the affirmative, and asked for frequent prosecution, but with modest penalties. He urged users to be ready to lodge complaints; the anti-virus companies and the media to release realistic damage figures; and for authorities to act swiftly without drama.
Mr. Zhang Jian, Senior Engineer at China's National Computer Virus Emergency Response Center, spoke on the progress of anti-virus works in China. He pointed out that the viruses CODERED and NIMDA have infected systems in many government departments, businesses and universities. Some of their networks had crashed, with incalculable losses.
The Response Center also carried out the first nationwide virus prevalence survey ever conducted in China this year, said Mr. Zhang. Among the 6000 computer users who took part in the interview, 73% of those asked had experience virus infection in their computers and 53% of them were hit three times or more. 43% of them experienced data loss in the virus attacks. Among those, 14% had lost all data. In China, the key media for virus to spread are floppy disks and CD-ROMs. In addition, the rapid development of Internet viruses will further worsen the problem in China.
There are about 22 millions internet-users in China at present, but according to Mr. Zhang, most of them have only basic computer and networks knowledge. This situation, he pointed out, makes it difficult for China to develop information security technology.
While computer viruses attract the bulk of the attention, other devices may also become victims of high-tech attacks. The functions of mobile phones have become more complicated than ever. As the technology improves, the threat of virus attacks also increases. Mr. Yuji Hoshizawa from Symantec Japan examined data security on the newly launched Java-enabled mobile phones.
This new technology allows mobile phones to download and store a variety of dynamic Java applications from the Internet. Mr. Hoshizawa concluded that these phones may not be as secure as some think, and that anti-virus vendors should look for ways to block potential virus outbreaks.
Robert Vibert introduced the Anti-Virus Information Exchange Network (AVIEN), a relatively new organisation that states its objectives as, "World domination, one PC at a timeā¦ ", and which requires members to have a sense of humour. AVIEN's serious purpose is to allow major anti-virus users to exchange information and provide mutual support. Representing over 3 million PCs worldwide, their message to vendors is that the vendors do not have all the answers.
Eva Chen, Chief Technical Officer of Trend Micro gave the keynote for the second day on the "Next Code for Virus Fighters". She challenged our old perceptions of the anti-virus developer as a doctor who is able to vaccinate the patient against future threats. Instead, the reality is closer to a fire fighter, who responds quickly and effectively to the latest outbreak.
Dennis Longley reminded us of a fundamental principle of security; that any security system that is unable to prevent a high impact from a low resourced attack is inadequate. The resistance of corporations to increase security budgets and address the problems has contributed to the development of the current situation of virus epidemics.
Katrin Tocheva covered the development of worms and classified them according to methods of spread, network environment and platform. She examined the criteria needed to achieve fast spreading in the different environments. Francois Paget also gave his thoughts on this hot topic.
The other speakers were also well received. Takashi Kume introduced information security policy in Japan and Masao Tatsuzaki reported on Japanese Cyber Crime. Vincent Gullotto reviewed the year. Szilard Stange covered the difficulties of safely sending virus samples between researchers. Randy Abrams described the coporate virus checking service. Igor Muttik took on the problems of accurately comparing the effectiveness of anti-virus software. David Barrett and Costin Raiu described their automated methods of virus analysis, called VIRTUE and MIRA, respectively. Gabor Szappanos covered the issues raised by the introduction of Office XP.
Each day ended with a panel discussion, the first on "Searching for Best Practice" and the second on "Look Back and Look Forwards, Technical Changes" that generated some interesting viewpoints.
Copies of the conference proceedings are available for purchase from the HKCS Office. AVAR 2002 will be held in Korea.