Leader: Share your malware knowledge

Two weeks ago, news desks across the UK were throbbing with rumours that the "industrial-strength" Trojans attacking the country's most important government agencies and businesses were coming from China.

But no one could confirm it.

At least not until today, when email security company MessageLabs reluctantly admitted to silicon.com that China is indeed the country the malicious programs try to communicate with. But it also told us that hackers could be controlling the attacks from anywhere in the world.

The UK's National Infrastructure Security Co-ordination Centre (NISCC), which issued the original warning about the Trojans, would only say the attacks were coming from the Far East, admitting it couldn't be sure where they originate.

But there is a more important issue than the location of the hackers.

The attacks, which the NISCC originally spotted in January, were only reported in mid-June, which begs the question, why has the government taken so long to react?

If the NISCC's sole purpose is to inform people and share knowledge with the businesses and government bureaus that make up the Critical National Infrastructure, why did it not speak out sooner? Even if it was only partially aware something bad was happening, wouldn't it be better to alert the industry sooner rather than later? Apparently our government thought not.

The reluctance to finger China in the Trojan wars surely highlights how international politics have worked their way into the online world.

Case in point: antivirus companies Computer Associates, F-Secure, Kaspersky, Sophos and even initially MessageLabs wouldn't comment on which country the Trojans were coming from. When we asked Sophos to show us the Trojans it had detected, so we could examine them ourselves, it refused.

Some of those names are the very same companies who regularly ask the press to publicise online threats for 'the greater good' - usually the headline grabbing ones involving Michael Jackson, the Pope or Britney Spears. But the moment they're asked to comment on something that's more important and less PR friendly they all go quiet.

The message is clear for these keepers of knowledge - the NISCC and antivirus community alike - share your knowledge and we'll all find the antidotes to these threats much quicker. Hoard it and the dangers become greater.