As automated programs have made computer hacking and the creation of malicious code easier, more security administrators are scanning for the software tools used to create viruses and attack networks.
And while companies and universities are looking to secure their own systems, they are also concerned with the liability that comes with malicious code that was created on their systems being used against other systems.
A spokesperson for Tally Systems, a Lebanon, New Hampshire maker of automated PC inventory systems that has "fingerprinted" more than 400 malicious applications, told NewsFactor Network that software identification is often overlooked by security officials.
"It's something that a lot of people may not think about," said Tally's Randy Britton. "Even if you have a firewall, you're running anti-virus software and you're vigilant about security, you may not be aware of what people in your organization have on their computers."
Tally cites a 1999 Computer Security Institute (CSI)/Federal Bureau of Investigation (FBI (news - web sites)) survey that indicates 55 percent of respondents reported malicious activity by insiders; and a 2001 survey where 91 percent of respondents detected employee abuse of Internet access privileges.
Tracking Down Software
Tally's census recognition software, which red-flags mischievous software such as audioware,
bombers, breachers, cloakers, crackers, crypters, scanners, sniffers, spoofers, trojans and virus
makers among others, is updated every 30 days, according to Britton.
He said the initial list of 400 applications grows by about 300 every month, but Tally officials expect the number of "fingerprinted" programs, which include new versions of Microsoft Word and other legitimate software, to taper off as time goes on.
"The idea is to give you a complete list of applications on your network, be they malicious or not," Britton said. "It's much more a question of awareness and moving forward from that."
"It's making sure the tiger doesn't get out of the cage," he added, referring to malicious applications used to internally test security.
Automated Hacking
Quoting FBI National Infrastructure Protection Center director Michael A. Vatis, Tally claims the
availability of attack scripts and protocols on the Internet has made malicious computer attacks easier.
"You used to have to be a pretty talented hacker to go out and do these things," Britton said. "But there has been an increase in automated tools, where you just download and write a virus."
Symantec senior director of engineering Harry Wan told NewsFactor Network that virus fighters face an ongoing dichotomy of "a large number of easy-to-write viruses and a small number of hard-to-write viruses."
Wan said that hacker tools make it easier to write a virus that proliferates, but that the common tools also make hacking harder because security companies are quick to identify the malicious applications.
Liability and Privacy
Tally also claims that companies could be held liable for illegal hacking activity by insiders, "and
damage can often run into the millions," said a company statement that refers to Melissa virus writer
David Smith and the reported US$80 million in damage caused by the virus.
Britton told NewsFactor that how Tally clients use its auditing system is up to them, but added that the company is a potentially liable party.
"You have people saying, 'I don't want anyone scanning my PC,' but in most circumstances, it's a company asset -- the machine itself and the software on it," Britton said. "[The companies] are the ones who are liable."