The IT world is shaken more frequently than ever today by new security concerns, such as viruses, worms and trojans. This trend is backed up by the download statistics for anti-virus and anti-spyware updates, as well as the number of parasites listed. And in one of the most recent lawsuits, the 19-year-old author of the worms Sasser and Netsky was sentenced to prison. The court showed no mercy, putting him behind bars for one year and nine months.
Japanese software house Trend Micro estimated that in 2002 malware caused $378 million in damage. In 2004, a count of 37.8 million infected computers was determined, which represents an increase of 8% over 2003. We can assume that the current monthly count would show a further increase over last year, but that level of increase actually turns out to be slower than in previous years, thanks largely to countermeasures that have been enacted. The logical conclusion for IT managers is simple: they must work to prevent intrusions or the unintentional execution of code or program parts.
Nevertheless, such approaches should be as detached as possible from the usual security concepts, such as virus scanners, firewalls or de-militarized zones (DMZs). Quite a number of software suppliers offer a diverse range of PC security software, but so far, this has not yielded satisfactory results. The main reason is that none of these concepts have been applied in a way that included both the hardware and software sides of the problem. This is where the Trusted Computing Group has placed its focus with the Trusted Platform Module (TPM).