A threat by any other name... (page 2 of 2)

Well, no. Their name actually derives from John Brunner's science fiction novel, The Shockwave Rider. In the novel, one of Brunner's characters uses a self-propagating program to distribute information from computer to computer. He called that program a worm. It's still the ability to self-propagate that separates worms from viruses. Worms can spread over a network independently, without the need for host files. Viruses cannot.

Like viruses, however, worms are small programs that can replicate and move from system to system, and although many are benign, some are capable of causing damage to your system. In fact, there's been a recent spate of advanced, malicious worms directed at both home users and corporate networks. Some of these worms—one of them goes by the warm-and-fuzzy moniker, Bugbear—attempt to shut down your personal firewall and virus protection software.

In response to advances in worm design, better worm defenses have evolved. In turn, worm programmers have become more clever and aggressive, creating a kind of escalating cycle of one-upmanship. For example, there was a time when many worms would take over mail programs and use those programs to send themselves to other machines. In response, mail programs were patched to prevent takeover. Now worms like Bugbear have their own email engines, and they can simply email themselves. Some also contain back doors, which allow programmers to access and manipulate their worms after they've been deployed. Security companies, in response to these evolutions, continue to improve their own security measures.

Symantec, however, has taken things a step further and attempted to disrupt the escalating cycle of innovation and response. Norton AntiVirus contains Worm Blocking, a special tool that can anticipate how worms will evolve and block them even before a definition of the worm has been developed. This kind of protection, used in concert with Symantec's time-proven antivirus engine, is at the cutting edge of worm defense.

Blended threats
In recent years, a new security category has emerged: the blended threat. Blended threats exhibit a combination of virus, worm, and Trojan horse characteristics. Because blended threats have more than one way to propagate and cause damage, they are particularly nasty and difficult to contain. Nimda is perhaps the best-known blended threat. Nimda, which is "admin" spelled backwards, is a mass-mailing program that uses multiple methods to distribute itself. It was discovered in 2001, and although it affected most kinds of Windows operating systems, it specifically targeted corporate Web servers running Microsoft IIS.

Since Nimda appeared, blended threats have been on the rise and continue to evolve. One of the most recent blended threats is Klez and its iterations. Klez not only distributes itself through multiple means, but also uses clever personal mail message subjects to fool users into opening infected attachments. Some of its variants have been known to damage operating systems beyond repair.

To counter blended threats, you need to take a comprehensive security approach. Fortunately, Symantec combines its most powerful tools in one convenient package. Norton Internet Security includes Norton™ Personal Firewall, Norton AntiVirus, and a number of other newly-developed security tools. It's equipped to combat all sorts of viruses, Trojan horses, and worms, as well as their variously-named hybrids. So, don't let the imaginative and wide-ranging jargon of computer security leave you confused and uncertain. A threat by any other name is just a threat, and you can count on Symantec to decipher each one and to meet it on head-on.