Computer virus activity across the Asia-Pacific is forecast to rise next year as old strains continue to make their way through the Internet and new, mass-mailing mutations spread infection faster, according to industry experts. Senior officials from anti-virus software makers Sophos and Symantec projected this yesterday amid efforts within their industry to tighten co-operation against destructive computer virus attacks. 'There is the potential for increased vulnerability in this region because of the growing demand for always-on, broadband Internet connection at home, where users do not always follow even the most basic precautions,' said Sophos chief executive Jan Hruska. He said lapses in computer security vigilance at home and in enterprises worldwide led to the continued proliferation of old virus strains. Although this year saw a string of high-profile virus incidents, named after anything from tennis stars to soft drinks, researchers at Sophos found that Kakworm, a worm program first detected in 1999, was still the seventh most commonly encountered virus worldwide. Kakworm made it possible for Internet users on Microsoft's Outlook or Outlook Express with Internet Explorer 5 to become infected just by viewing infected e-mail. Mr Hruska said that software patches protecting against this infection were freely available online, but Kakworm persisted because of the complacency of users in regularly updating individual or corporate computer security. Nimda, a hybrid Trojan horse/worm program, topped Sophos' ranking of the world's 10 most detected viruses this year. Sophos said Nimda's effectiveness came from its ability to infect computers using a variety of techniques that used to be profiled separately as either a Trojan horse or worm program characteristic. David Banes, Symantec's Asia-Pacific security response manager, said Nimda and the earlier-detected Code Red viruses made it likely that more multi-pronged virus attacks would occur this year. 'Corporate networks and consumer systems are being compromised more frequently by what we call blended Internet security threats. 'Nimda, the Code Red viruses and the Sircam worm showed how individual security categories have merged and have the potential of mutating in the process,' Mr Banes said. In their basic form, worms create exact copies of themselves and use communication between computers to spread. Trojan horses are programs that appear legitimate but carry a hidden, harmful payload of functions, including spreading virus infection or allowing other computer users to take control of another's computer over the Internet. As an earlier form of hybrid virus, Sircam duped thousands of users into double-clicking on infected e-mail attachments because it had the ability to change the e-mail subject line each time it replicated. Mr Hruska said all anti-virus vendors - whether focused on corporate or individual security issues, or both - had been co-operating against virus incidents through a system called Revs (rapid exchange of virus samples). Formed last year with the help of The WildList Organisation International and acknowledged as the world's main source of virus information, Revs allows an anti-virus researcher to forward a secure copy of a virus to all anti-virus software vendors within minutes of the virus being discovered. Further developments in anti-virus software vendor co-operation and potential virus threats are the main focus of the two-day Avar (Association of Anti-Virus Asia Researchers) conference, which starts tomorrow in Hong Kong. This is an annual event organised by Avar, an independent, non-profit association, since 1998, according to conference chairman Allan Dyer. He said this year's conference was co-organised by the Information Security Special Interest Group of the Hong Kong Computer Society. Avar features prominent experts on computer viruses from Australia, China, Hong Kong, India, Japan, South Korea, Taiwan and the United States.
