It took less than 24 hours for the "ILoveYou" worm to mercilessly strike and infect PC users and businesses around the globe; yet it could take months before the technological holes and social mechanics that led to the Internet massacre are fully addressed.
Part of the clean-up of the damage stemming from this month's devastating worm hit is to try to figure out if more could have been done - by both the IT industry and general online populace - to stop its blitzkrieg attack.
Some IT managers hit by the virus are finding themselves with little choice but to take personal security practices out of their users' hands as much as possible, said Douglas Korte, technical director at Whole Foods Market.
"You can't trust your users to combat something like this," Korte said as he toured the NetWorld+Interop show in Las Vegas, searching for better security protection for his company. "We're pretty much treading water right now. It's not getting much better, and the technology doesn't seem to be keeping up." Indeed, even antivirus vendors agree that their current technology at best is reactive to curb attacks such as the love bug."
According to Navander Mangalam, director of security at Computer Associates, antivirus technology hasn't been designed to completely stop Visual Basic scripts, which make up about 80 per cent of worm attacks. Doing so, he explained, is not practical for business purposes because so much nonthreatening traffic coming through the firewall and gateway server appears identical to worms.
And yet, simply relying on user awareness to prevent infiltration is not the answer. "I don't think that educating people is going to cut it," Mangalam said. "It's like AIDS. You need a vaccine and have to educate people about it as well."
If antivirus vendors get the hang of trying to incorporate flexible context instead of straight content into their product and service offerings, they may be better prepared to recognise or stop these widespread threats, said Jeff Johnson, president and CEO of Meta Secur e-Com Solutions. "If most antivirus companies did context work, they would have been able to recognise there were things in that code that were truly hostile," he said.
Robert Votta, network engineering and information systems supervisor at Lee Memorial Health Systems Foundation, said the problem might be lessened if people simply sent e-mail correctly.
"We're using e-mail for file exchanges instead of for messaging, and it's killing us," Votta said.