Virus threat almost doubles in 2002


17 Dec 2002

The ratio of viruses to email nearly doubled in 2002, according to the year-end report of UK-based email security firm, MessageLabs.

The ratio of one in every 212 emails containing a virus in 2002 shows a dramatic increase on previous years. In 2001, MessageLabs stopped an average of one in every 380 emails, while in 2000 the figure was as low as one in every 790. MessageLabs’ monitoring activity covers international as well as UK email traffic.

According to the report, which measured results up to the end of the second week of December, the top five most active viruses in 2002 were Klez.H with 4,918,018 copies intercepted by MessageLabs, Yaha.E with 1,096,683, Bugbear.A with 842,333, Klez.E with 380,937 and last year’s top virus, SirCam.A with 309,832.

Despite Klez being the most active, Bugbear can lay claim to being the most dramatic outbreak of the year, with MessageLabs stopping one in every 87 emails at its height in October. Klez could only reach one in every 169 even at its peak, while Yaha never rose above one every 268. (The two most dramatic outbreaks recorded by MessageLabs remain Goner, at one in 30 last December, and the number one, LoveBug, which hit one every 28 in May 2000).

Commenting on the findings Alex Shipp, senior anti-virus technologist at MessageLabs, said: “A ratio of just over one in every 200 emails proves that 2002 has seen a major rise in the number of viruses in circulation, even if we haven’t seen the dramatic outbreaks of previous years. The main cause seems still to be home users, who have the least protection. As a result, industry sectors that deal with them, such as the retail, leisure and entertainment industries, all continue to be more at risk from infection.”

“The more prevalent viruses this year have been the ones most people have found hardest to spot – like Klez and Bugbear. This is because these are able to ‘spoof’ email addresses, so that the identity of the real sender is difficult to trace. It also means that by mass mailing contacts from a recipient’s address book, further victims are likely to open the rogue email, because they think it is from someone they know and trust,” said Shipp.

He added that, given the high level of threat, the only way to guard against virus attacks was to scan not only at the network level but at the internet level in order to “stop the problem before it arrives”.

By Brian Skelly