Top Stories

THE DUBLIN WEB SUMMIT 2.0
WordPress founder Matt Mullenweg speaks of HTML 5 and the web's future at the summit on 4 February, 2010.
EMC in Ireland
Chief executive, Joe Tucci, on EMC in Ireland and the future high-growth areas in IT.
Hide Header

Also in this section

 

What's in a name?

14.10.2005
Last week in Dublin an initiative for assigning common identifiers for viruses and other forms of malicious code received its official launch. Two years in the making, the Common Malware Enumeration (CME) plan is intended to take some of the confusion out of current naming schemes.

In future, whenever a high-profile attack is discovered, the CME will assign a unique number to it so that regardless of different vendors' naming conventions, IT managers will know that for example, viruses called XYZ and ABC in security alerts or antivirus software updates are actually really the 123 virus; as a result they need only defend against one threat rather than what appears to be two different attacks.

Backed by the US Computer Emergency Readiness Team, the scheme also has the support of most major players in the security industry, including Trend Micro, Computer Associates, McAfee, Microsoft, Kaspersky Lab, Symantec and Sophos. More information is available at cme.mitre.org.

It's thought that businesses using security software from different suppliers will be able to reconcile varying pieces of information and decide whether each of the products they use protects against newly released viruses or worms.

Although antivirus suppliers back the move, not all agree on its usefulness. Graham Cluley, senior technology consultant with Sophos, welcomed the plan. "This is a positive thing. You'll be able to tie pieces together."

David Perry, global director of education with Trend Micro, was less optimistic. "Now you're going to have 18 names and a number," he grumbled. "We could go by the hurricane [naming system] but if the virus is part of a family, there has to be consistency. The difference between Mytob.AB and Mytob.AC is infinitesimal."

Larry Bridwell, content security manager at ICSA Labs, suggested that the scheme shouldn't be seen as a cure for all ills and he likened it to a biological index found in an encyclopedia. "CME was never designed to solve the naming problem, it's more like an identifier. A clover in Pennsylvania might be a shamrock in Ireland but no matter what you call it, this is what it is."

Whether the scheme will help businesses to make better security decisions is unclear. Jeanette Jarvis, who is in charge of tackling malware at the aircraft manufacturer Boeing, believes it might not be the best short-term fix for organisations that use multiple security vendors' products. "When we trap and block a brand new threat, we need to know does the other vendor protect against it," she said. However despite some misgivings she broadly welcomed the initiative.

Site design by Whitespace Publishing. Web development and hosting by Tibus