7 Things to Know About Virus Writers
What goes through the minds of hackers?
Guidance for IT Professionals

By Monte Enbysk

I spend a growing percentage of my time getting rid of unwanted e-mails that contain viruses. If I open one of them, it potentially could overwrite files and disable my antivirus software.

TIP:
If you have to temporarily disable antivirus software on your PC, ensure the following when you re-enable it:
  • "On-access" or "real-time" scanning is enabled. Disabling this option can leave you vulnerable to threats.
  • Antivirus software is set to perform a scheduled scan of your hard disk.
  • Antivirus software is configured to scan e-mail by default.

What exactly is in the heads of these virus writers? Anything?

    I took my inquiry to Sarah Gordon, an expert on the psychology of hackers and virus writers. She did her best to answer an overly broad question. Gordon is a senior research fellow at Symantec's security response unit, and previously was a researcher for the antivirus research and development team at IBM's Thomas J. Watson Research Centre.

    She meets face-to-face with hackers and virus writers on occasion, to understand why they do what they do, and conducts research at international hacker conferences such as DEF CON. To see Gordon's background and some of her research papers, visit her website at www.badguys.org.

    She'll tell you right away that hackers — people who devise ways to break into networks — are different from virus writers, and in most cases, more advanced. Virus writers are generally younger (some as young as 10 or 11 years old), on a lower rung of the underground tech strata and not always aware of the damage that could occur. Also, she stresses, writing damaging viruses isn't against the law everywhere.

    All that is Gordon's way of suggesting there truly is a low barrier to entry. She says parents and teachers need to be more assertive in teaching kids in the Internet Age that morality is as important in the virtual world as it is in the real world. In general, parents need to pay more attention to what their children are doing on the computer. She also chastises journalists for frequently overestimating the damage virus writers do, thereby glorifying their acts and power.

    "While the media are starting to realize that virus writers are not geniuses, or heroes 'helping' us to understand security risks, there is still a long way to go — especially in countries where viruses (and virus writing) are relatively new and where ethics is not part of the curriculum," she says in an e-mail interview.

    Transferring Real-World Values
    Courtesy of Gordon, here are seven things about virus writers that you should know.

    1. They're often kids, but not always. In general, virus writers are young people under 30 and predominantly male, Gordon says. Many are in their teens. But stereotypes can be dangerous here, because some veteran IT people have been known to write viruses on the side to "test the security" of certain networks and systems. "Often people 'play around' with viruses, not realizing the damage they can cause. They think that because they can't 'see' them do anything, it's all OK."

    2. Their goals vary and many don't even have goals. Some simply are exploring programming self-replicating code. Others, however, are trying to gain notoriety or make a personal, political or social statement. A few are disgruntled workers. "Generally, many young people who write viruses don't connect the act with the damage that can occur ... That said, some virus writers have a pretty good idea of the end result, and do it anyway. These tend to be older individuals, who write viruses with the intent of causing damage and chaos." The media has frequently exaggerated the impact early on, encouraging others to create their own stir, Gordon says. But she recognises the media's role in trying to notify users early on so they can prepare their defences.

    3. Their targets are generally random. Many virus writers claim to be pointing out the vulnerabilities of a software product or manufacturer or the lack of security at a particular company, such as where they work. Gordon contends that many use that as an excuse or "cover" for an adventure gone awry, or for destruction more widespread than anticipated. She suggests that most people directing anger or actions at specific targets will use other means, such as hacking their systems, to accomplish their goals. "Most viruses don't appear to be written with destruction in mind," she reiterates. "Many are written to be destructive — and while there may be a political or a social statement in them, they are generally (though not always) pretty much randomly targeted."

    4. Virus writers aren't necessarily exceptionally intelligent. This is not a collective slam on their brainpower, but more to suggest that it doesn't take elite technical skills to write damaging viruses — which is scary. "Virus writing is not rocket science, and it doesn't take any special elite skill to be able to write a self-replicating program," she says. Essentially, virus writers produce self-replicating code that includes a damaging payload. Those who create the most destructive payloads — the Klez, SirCam and Nimda viruses, for example — very well may be more proficient than others, she admits. Yet, for the most part, as virus writers advance their technical skills, they move beyond virus writing to other technical pursuits.

    5. Virus writers feed off new technology and each other's innovations. Serious virus writers build on what has caused havoc in the past. They also take advantage of the latest tools and technologies, Gordon says. As a result, tomorrow's viruses are likely to be more complicated and potentially much more destructive than today's, she says. The good news is that virus writing doesn't seem to be a career for many.

    6. Education can help stop them. Educating PC users on what attachments not to open is part of this, but not really Gordon's point here. She believes that families and schools, in the Internet Age, have an obligation to teach children how to behave on the computer — to extend moral and ethical behaviour from the real world to the virtual world. For example, children need to be taught that reading another person's e-mail is just as wrong as opening a letter from a neighbour's mailbox. "This technology lends itself well to depersonalisation and de-sensitisation," she says. "We need to learn more about the dynamics of computer-mediated communication, and find ways to help real-world values transfer to virtual interactions."

    7. Protection needs to be fortified. Before No. 6 has measurable impact, we need to worry about No. 5. Gordon foresees more challenging viruses ahead, including viruses combined with hacking tools to beat through antivirus protection. She recommends that businesses have firewall-intrusion protection as well as antivirus software. "The solutions must be integrated too, to deal with these blended threats. It is not enough to be protected from just viruses." She adds that while viruses now target the PC, they likely will threaten mobile devices in the years ahead.

    Hackers, as I've said, are a different breed.
