Mikko Hypponen Quotes (32 Quotes)

A large company would not want somebody entering their premises with an infected phone because they could easily infect the entire company's phones.

The target is fooled into logging into a fake bank, where they ask for his authorization code. The fake bank logs into the real bank with the one-time password and moves money around. Then it gets back to the customer, says there has been a problem and asks him to give the next code.

Otherwise, it's totally new code. But there's a common idea,

He's been playing a game of cat and mouse with the authorities for over two years. I really do hope they'll be able to track him down.

We have listed URLs that we are recommending systems administrators block. We don't recommend blocking the whole domain, as 99 percent of the pages on these free Austrian and German domains are OK. You should just block the problem URLs.

It's the first time I've heard of any activity coming from there.

It's definitely going down all the time.

The situation on the Internet right now is so bad that if you go and buy a brand new computer and turn it on and plug it into the Internet, it will be infected by a worm within five to ten minutes,

It's really quite clever, ... It uses realistic file names and sends those to people you know. It's social engineering, just like we saw with Love Letter.

Everybody was hoping they would get the patch out before a major attack would start. Now it looks like they are succeeding in doing just that. Well done.

If you invest in a security product and if you have a large company, it costs you a lot. And if it works perfectly, you have no problem, which means you don't see the product at all. You pay lots of money, but you don't see any results.

Everybody would like to see the patch as soon as possible, but I can't blame Microsoft for wanting to test it thoroughly. However, if a widespread worm is found before next Tuesday, I do believe they will break the cycle and just release the patch.

This is nasty, as this is done on all mounted drives, ie. any drive that has a drive letter. So it might affect your USB thumb drives, external hard drives and network drives. Also, if you're taking daily automatic backups, you might end up backing up the corrupted files over good files.

I've worked with viruses for 15 years and things have been getting progressively worse. This year is going to be bad.

We have seen dozens of different attacks using this vulnerability since Dec. 27. One exploits image files and tries to get users to click on them another is an MSN Messenger worm that will send the worm to people on your buddy list, and we have seen several spam attacks.

Companies should make sure that their patch procedures extend to all applications, including security and backup programs.

The most significant change has been the evolution of virus writing hobbyists into criminally operated gangs bent on financial gain.

It's trivial for anybody to understand how it works, ... To modify the virus is relatively easy, and to change what the e-mail says is trivial.

We are seeing less of the big virus outbreaks such as Sasser and Blaster, and so some people believe the situation is getting better, when in fact it is getting worse. The bad boys are getting more professional and doing more targeted attacks.

This is enough to invoke the exploit and infect the machine.

Mozilla's popularity has gone from almost zero to double digits, so they have had to deal with a lot of sudden attention. Since Mozilla has become popular, people have been looking for more vulnerabilities.

Right now, the situation is bad, but it could be much worse. The potential for problems is bigger than we have ever seen. We estimate 99 percent of computers worldwide are vulnerable to this attack.

(The) vast majority of the machines infected...are home computers. Nothing will happen on them until people get home from work and boot up their machines. We'd like to think that they whole problem was avoided and everybody cleaned up their machines in time. But unfortunately, that's probably not true.

These will only get reported when people get home from work, and it will take awhile before they figure out who to call.

There appears to be three different virus writing gangs turning out new worms at an alarming rate -- as if they would be competing who would build the biggest network of infected machines.

It took 15 years for the first moneymaking viruses to emerge for the PC. On the mobile side, I'm sure it will happen. It just hasn't happened yet.

You will not even have enough time to go online and download all the patches to your computer before it is infected.

There is no need to have your computer online 24 hours (a day) as a target of an attack when you are sleeping or away from your computer.

It all comes down to whether the code ends up being shared or not. We have not seen it out on the Internet yet.

There might be no attack at all. As everybody knows about the attack, the virus writer may lay low and attack at a later date. The ISPs involved can actively block malicious postings. It's more likely the attacker will lay low or be blocked rather than succeed.

This was not a bug this was something that was needed at the time. It is just bad design, design from another era.

As the virus is not new it's 2 years old this could only have happened if those testing computers were not running any anti-virus programs,