Viruses and worms are primed to become more complex, viscious and dangerous as the days of quick and easy exploits come to an end thanks to Microsoft's efforts to finally lift its game.
Speaking at the AusCERT conference in Queensland on Monday former Bell Laboratories research, IT security author and founder of IT security firm Lumeta, Bill Cheswick said improved security will force malicious code writers to construct more complex wares that will either circumvent or push conventional defences such as anti-virus software and firewalls to their limits.
Cheswick said that recent examples of malicious code, that had not necessarily escaped into the wild, were generally becoming more time consuming and difficult to safely replicate or find a fix for.
“Virus emulators are slowing down. This game is not going to end nicely…what happens if there is a virus you cannot defeat [before it cripples the Internet]? The spooks [defence and information warfare specialists now] worry about viruses with their own compilers,” Cheswick said.
Despite the new threat, Cheswick said that he believed that Microsoft was doing its level best to remedy the way it builds security into its code after some twenty years of less than perfect versions.
If there may have been doubt about Microsoft’s capacity to deliver secure computing, it was not reflected by way of lack of interest in the boss of Redmond’s Security Response Center, Iain Mulholland.
Mulholland backed Cheswick’s assessment of more complex exploits starting to appear, saying that he was seeing “a commodity market being built that buys and sells exploits and vulnerabilities” which he likened to “the next big thing after the dot com boom”.
“The low hanging fruit is gone, some of the exploits we are seeing are very complex,” Mulholland said.
With security now spruiked as the number priority at Redmond’s, output from its army of eager developers was now being put to the blowtorch by the “evil” minds of Microsoft’s vulnerability police, he said.
Mulholland said that while holes were being discovered far more frequently than monthly patch releases, Microsoft was concentrating on getting the best possible quality out of its security updates so that more problems were not caused by the patches.
While no figures were offered on how much money is going into Microsoft’s belated blitz on security, Mulholland said that the company’s research and development expenditure exceeded that of the trouble plagued Star Wars missile defence system.
Not everyone was convinced with one delegate, a government IT security manager who requested anonymity, said the current patching regime was a "heap of crap". He said software updates could potentially be hijacked by diverting the IP address - resulting in possible infection by trojan horses.
Mulholland countered the allegation by saying that code downloaded from Mircosoft was “intentionally very brittle” and that authentication by way of “baked in certificates” was there to protect users.