Sophos has criticised Symantec and Network Associates (NAI) for
virus scare-mongering in the run-up to the Millennium. With many
businesses deeply concerned about Y2K, confusing statements from
anti-virus companies trivialise the virus issue and damage the
credibility of the industry as a whole.
In a recent interview, the chief researcher at Symantec
Anti-Virus Research Center was reported as saying there might be
200,000 new viruses written especially for the Millennium.
Meanwhile, Network Associates has set up a website warning of virus
"threats" which, according to Sophos are not in the wild, and are
never likely to be.
"Predictions of this type are unhelpful," said Graham Cluley,
senior technology consultant at Sophos. "We are surprised to see
anti-virus companies trying to capitalise on Y2K worries. The
anti-virus problem is a day-to-day security issue and attempts to
weave it into Y2K concerns damage the credibility of the entire
anti-virus industry."
Sophos researchers point out that any virus is guilty of
unauthorised modification of a computer system (a crime in many
countries). Focusing only on viruses which target specific dates
gives a false sense of security.
At the Virus Bulletin conference in Canada next month, Graham
Cluley will be presenting a paper entitled "Is there a Y2K virus
problem?". Paul Ducklin, head of research at Sophos, will be
talking on "Counting Viruses", explaining why predicting virus
numbers is an inaccurate measure of the threat.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.