Wrap-Up of the Data Security Year

SAN JOSE, Calif., Dec. 29 /PRNewswire/ — F-Secure, a leader in centrally managed security solutions for the mobile, distributed enterprise, today summarised that the year 2000 was the year when computer safety became a household word. Viruses, worms, trojans and hacking and denial-of-service attacks, not to mention the Y2K scare, induced a state of dread to savvy and novice computer users alike and kept computer security companies on their toes. Unfortunately, the future looks no brighter, says Mikko Hypponen, Manager of Anti-Virus Research at F-Secure Corporation. The “bad guys” and their tricks are here to stay.

In February, the DoS (denial-of-service) attacks started. The attacks are easy to launch, but difficult to prevent. All it takes is one person with a grudge, and he or she can bring down one or any number of Internet sites. Yahoo, CNN and eBay were among those hit this year. CNN was bombarded by a 15-year-old Canadian who called himself “Mafiaboy.” He was later arrested.

Hackers were also busy during the year. The best-known incident was the intrusion into Microsoft’s internal network. Microsoft has been continually battling to plug security holes in their programs, and in October they were forced to admit that someone had succeeded in penetrating their system. The company vehemently denies that source code was stolen, but many believe that the full extent of the break-in has not been disclosed. Some people believe the vulnerability of Microsoft to such attacks presents a security threat to the United States.

A hacker was also able to send a counterfeit press release to Internet Wire Service, purporting to be from the network equipment manufacturer, Emulex. As a result, the share price of the company fell by almost 50%. In addition to major hacker attacks, smaller hits, and credit card thefts were made on a variety of sites.

Global virus epidemics also took place during the year. LoveLetter and all its relatives was the biggest virus problem in the history of the computer, says Mikko Hypponen.

LoveLetter started in the Philippines and spread like wildfire all around the world in a matter of hours. The worm arrived as an attachment to an e-mail, and if the recipient opened the file, the worm used Microsoft Outlook (if installed) to send a message to everyone in any address books, possibly hundreds or thousands of addresses. The lessons of the Melissa virus of the previous year helped to clean up systems, but only after massive damage had been done.

And what about the Y2K scare at the end of 1999 — was it necessary? After all, nothing much happened. But yes, says Mikko Hypponen, it was necessary. Without the updating that was done during the mad rush before the turn calendar to years beginning with a “20” instead of “19,” the computer world would have been in much worse shape today at the start of the new year. Many lessons have been learned during the year, but unfortunately, an attacker is always one step ahead of the defender. The trend is clear — more and more attacks of every kind are going to be made. Computer users have learned to be somewhat more wary, but hackers are also becoming more skilled. A new threat is posed by viruses, worms and Trojans that target the emerging mobile environment, such as cell phones and PDAs, Mikko Hypponen concludes. The price of using new technology must include constant vigilance against these threats.

About F-Secure Corporation

F-Secure Corporation is a leading provider of centrally managed security for today’s mobile, wireless enterprise. The company offers a full range of award-winning, integrated anti-virus, file encryption, distributed firewall and VPN solutions for workstations, servers, gateways and mobile devices. F-Secure products are uniquely suited for delivery of Security as a Service (TM) which provides invisible, reliable, always-on, and up-to-date security for the most widely distributed user base. Whether provided by corporate IT or delivered by service providers, F-Secure solutions extend policy-based security and instant alerts to all devices where information is created, stored or accessed. Founded in 1988, F-Secure Corporation is listed on the Helsinki Stock Exchange (Helsinki: FSC). The company is headquartered in Espoo, Finland with North American headquarters in San Jose, California, as well as offices worldwide.

CONTACT: Michael Barash of Neale-May & Partners, 650-328-5555, ext. 139, or mbarash@nealemay.com, for F-Secure, Inc.; or Kathleen McVey of F-Secure, Inc., 408-350-2169, or kathleen.mcvey@f-secure.com.