By Phil Jones
Roughly 18 months ago the software industry was willing to take bets on an imminent crisis hitting the anti-virus software business. The reasoning was that with Microsoft Windows 95 set to drive the last vestiges of the DOS operating system from the hard drives of the world’s desktop computers, computer viruses, bereft of their favorite habitat, were about to go the way of the dodo and the dinosaur. As it turned out, nothing could have been further from the truth. Windows 95 and its bigger 32-bit relation, Windows NT, may be gradually displacing DOS from the corporate desktop, but anyone who expected them to help eradicate viruses must now be bitterly disappointed. Although reports of Windows 95 and Windows NT-specific viruses are scarce, first generation 16-bit viruses are still finding places on modern hard drives to hide and prosper, while a new generation of more deadly 32-bit ‘macro-viruses’ is emerging which by-pass the operating system altogether and directly infect applications and their data files instead. These new viruses are potentially more destructive than any of their predecessors and, thanks to the increasingly pervasive nature of electronic mail and the Internet, they are spreading faster and wider than their 16-bit forerunners ever did.
Biological virus
Industry analyst groups suggest that, as a result of the Internet, computers now exchange data at least 100 times over. The Internet is for the computer virus what the jet plane was for the biological virus, says Peter Watkins, international vice president of anti-virus specialist, McAfee Associates. Indeed, earlier this summer, experts from institutions such as IBM’s High Integrity Computing Laboratory were quietly warning the computing community that with 8,000 known viruses already identified, and an estimated six new varieties currently being discovered every day, the virus problem is far from being solved. As long as viruses appear able to adapt and modify their techniques to stay one step ahead of the anti-virus community, advances in technologies like the Internet are more likely to act as a fillip to the virus writer as they are an obstacle. Ultimately the anti- virus community will no longer be able to keep up with the productivity of its virus-writing foes. Clearly from the point of view of anti-virus software developers, this is not entirely bad news. On the contrary, as the virus problem escalates so too should the sales of anti-virus software. In the US today, the minimum annual premium payable to insure an average-sized company against the consequences of a virus attack is approximately $100,000. Even at this price, no insurance company will take on the risk of insuring against virus infection unless the customer is able to demonstrate that it has taken all possible measures to avoid such an infection. The deployment of anti-virus software is, therefore, already becoming a strategic issue for corporate information technology users. Whereas information system managers used to buy anti-virus software on a fairly piecemeal basis, the vast populations of corporate personal computers now present in most organizations means that ad hoc remedies are no longer sufficient. Companies, say analysts, must start to treat their anti-virus policy and practices as strategic issues. But this also brings new pressures on the anti-virus suppliers and is changing the nature of the business. Anti-virus companies must now learn to adapt to new environments, just as virus writers have to keep finding ways to exploit new computing conditions. While some anti-virus companies will be able to grow to meet this challenge others, inevitably, will not. Growing is, increasingly, the operative word. Since the late 1980s when the first virus found its way into an unsuspecting personal computer’s DOS boot sector, the measures needed to combat viruses have tended to be developed by small specialist companies. In fact, in many parts of the world local anti-virus specialists have sprung up in response to locally written viruses, de
veloping products which have no useful purpose elsewhere. To some extent this parochial aspect of the virus problem is already fast disappearing. A boot sector virus developed by a delinquent student in Kiev, might once have stood very little chance of being transported via an infected floppy disk to the personal computer of an accountant in Ohio. Today, a macro virus written by the same computer vandal may very easily end up in Ohio, Omaha, Ontario or the Orange Free State, thanks to electronic mail and the Internet. This issue brings into question the long-term viability of the small, local anti-virus software developer. The future is likely to belong to a new kind of anti-virus company, which is not only able to bring a global scope to its marketing effort but which is also able to take a more holistic approach to combating viruses as part of a corporate security and remote systems management strategy. There are already two obvious contenders for this role – Symantec Corp and McAfee Associates. Both companies have strong roots in the anti-virus industry and both are now striving to grow their business into a variety of related security areas in a bid to become global security forces.
Overlooked opportunity
Symantec owes its stake in the anti-virus business to its acquisition several years ago of the utilities company, Norton. Ironically, Norton, one of the early leaders of the anti-virus software movement, almost overlooked the opportunity completely. Peter Norton, the company’s founder, is infamously quoted as saying many years ago that viruses did not exist: Viruses are a figment of some users’ overactive imaginations. It’s probably just a bug. Much to the benefit of his company, Norton quickly changed his mind and, according to research outfit International Data Corp, Norton was the leading anti-virus product by value in 1994, the last year for which figures are available, with a 49.5% share of a total market worth $71.3m worldwide. Today Symantec is keener than ever to talk up its anti-virus software capabilities. Although most of its revenues, which reached $445.4m in 1996, up from $431.3m the year before, come from network utilities software, anti-virus products are seen as increasingly important components of larger systems management and security bundles. To retain its strong position in the sale of network utility software, Symantec believes its reputation as an anti-virus software provider will have an increasingly important role to play. Unlike Symantec, which uses anti-virus software as a means of supporting a larger network systems business, McAfee is probably the world’s most successful anti-virus specialist. But the company now wants to use this expertise to springboard into the larger network security and remote systems management market. Bill Larson, McAfee’s president and chief executive officer makes no bones about the reason for his company’s success: Viruses really are very easy to write, he says. So long as there are bright, delinquent 14 year-olds in the world there will be demand for our products. Larson recognizes that in order to sustain the company’s growth rate, it has to continue to produce new products and services. Even though companies such as Symantec and McAfee are using anti-virus software as a weapon in a larger fight for control of the security market, demand for specialist anti-virus software is not likely to go away completely. In the second part of this article, originally published in Computer Business Review, Phil Jones asks if attempts to cure the virus problem can ever be successful.
