Tuesday, 31 March 2009

A virus that can attack in a flash

Photo Supplied
Khmer Anti-Virus creator Kheng Vantha.


The Phnom Penh Post

Written by Kyle Sherer
Tuesday, 31 March 2009

Internet experts say the possibility of a slow-spreading local virus means Cambodian users should not rely solely on common anti-virus software, but also find extra protection locally

The development of high-speed internet in Cambodia has thrown open the floodgates for internationally created, fast-spreading computer viruses. Cambodian computer users who think they can beat malware by simply installing Norton AntiVirus are enjoying a false sense of internet security, according to Bernard Alphonso, director of Cambodian-based Alphonso Security Consulting.

"I have frequently encountered people in Cambodia who are under the impression that because they are not in a country with a high internet penetration rate, they should not been overly concerned about viruses, fraud or data theft," he said.

"This attitude could not be further from the truth, and it is putting many businesses and individual computer users at high risk."

Carlton Pringle, technical director at Conical Hat Software, said Cambodian web-surfers are just as vulnerable to internet viruses as people in other countries.

However, unlike in other countries, users here have more to fear from USB drives than they do from the net.

"I think the threat level from fast-spreading virus attacks in Cambodia is similar to anywhere else in the world," he said. "So all the usual security precautions used in the West are also applicable in Cambodia.

"However, the slow-spreading viruses, such as those spread by USB disks, present a whole new challenge. If a virus is created in this part of the world, perhaps in China or Vietnam for example, and spreads slowly on USB flash drives, then there isn't going to be the required critical mass of infection in the USA for the well-known antivirus manufacturers to provide a remedy through their software."

Layered protection
Pringle said that for this reason, Cambodian users should not rely on a single antivirus program. "Anti-virus programs typically work by keeping a database of threats. But no antivirus manufacturer is building a database of threats that exactly matches the threat profile in Cambodia."

"So it's a good idea for companies in Cambodia to also run antivirus software from other manufacturers based in other locations, such as Rising AntiVirus, made in Beijing. It's not unusual for companies that try alternative antivirus software to find they are infected with two or three viruses that well-known American antivirus programs are just not finding."

Kheng Vantha, web designer for Expat Advisory Services and creator of Khmer Anti-Virus, said there were a few precautions users could take to prevent slow-spreading viruses from attacking their computer.

"Instead of double-clicking on folders when you plug your flash drive into your computer, you should click the folder name on the left panel," he said.

"Some viruses on USB drives have a folder icon to trick users into activating them."

He said users should also disable the Autorun option on their computers, which automatically accesses external drives when they're plugged into a computer. "Autorun is a good way for a virus to attack your PC," said Vantha. "When you plug in a USB drive, Windows will automatically run the files, so your PC can catch the virus. But the TweakUI program, available on the internet, can disable Autorun easily."

But even if a Cambodian computer user is vigilant against viruses, there's still a minefield of dangers.

"Viruses are just the tip of the crimeware iceberg," Pringle said. "Understanding current and emerging security threats like rootkits, bot networks, spyware, adware and click fraud is certainly challenging for the average Cambodian computer user."

"To face internet threats, Cambodian computer users should not rely on one single type of protection," said Alphonso. "They should never take anything for granted. And when in doubt, don't click the mouse."

No comments: