Kournikova attack leads to calls for 'virus victims anonymous'

Senior figures in the anti-virus industry are calling for a way for companies to give evidence of damage done by viruses without the fear of bad publicity.

The calls come in the wake of the sentencing of the 21-year-old Dutch writer of the Kournikova virus who was given just 150 hours community service - widely regarded within the IT industry as far too lenient a punishment.

The case was hamstrung by a lack of evidence, with prosecutors only able to find 55 victims happy to give evidence, resulting in estimated damage of just $166,827.

Righard Zwieneberg, senior virus analyst at anti-virus firm Norman, told silicon.com there should be a way for firms to give evidence anonymously.

He said: "The sentence here is clearly not enough to send the right message to would-be virus writers. Companies need to start testifying to get the sentences more severe, but at the moment they are not willing to do this, because of the fear of embarrassment."

A number of different ways of encouraging firms to give evidence have been suggested by the anti-virus industry. These include setting up a confidential service for reporting damage, or offering companies similar protection to that offered to victims of other crimes, such as serious sexual assault, where the courts protect their anonymity.

The newly created National Hi-Tech Crime Unit (NHTCU) is looking at ways to put such measures into action. In a statement, detective superintendent Mick Deats, currently deputy head of the NHTCU, said: "Part of the strategic picture for the NHTCU in its first year is to work closely with business towards developing a comprehensive and secure system for organisations to report incidents of cyber attack."

He added: "The NHCTU recognises the difficulties businesses face reporting incidents of cyber attack but it is hoped that by developing our own confidential reporting system we can take the important step forward in detecting and preventing this type of crime."

However, it was unclear whether any confidential system would generate evidence permissible in court and not everyone is in agreement as to how to take such a scheme forward, or even whether any such measures would be effective.

Graham Cluley, senior virus analyst for anti-virus firm Sophos said: "This is great in principle, but even with a guarantee that there would be no press coverage, I still can't see most boards giving the approval for firms to give evidence.

"When a company is hit by a virus they've had enough trouble from the virus itself, they don't want to create more work for themselves by trying to estimate how much monetary damage it's done, and helping police."

Cluley added: "It's a question of how much time it will take."