Does 'dawn of the dead' spell the end for the web?

A leading security expert has claimed that the next year could see the internet face its most severe and damaging challenge yet, warning that a period of unprecedented virus activity could be approaching a deadly endgame.

Speaking to silicon.com at this year's Infosecurity show in London, Pete Simpson, ThreatLab manager at Clearswift, said virus writers have been carrying out a "series of discreet experiments over the past year" – referring to the multiple iterations of worms such as Bagle and MyDoom.

According to many experts in the antivirus field, these worms have created a huge attack base of zombie machines – computers infected with a Trojan horse and controlled by a remote gang of cybercriminals, ready to be deployed at a time of their choosing.

While the likes of SCO, crippled earlier this year by a distributed-denial-of-service attack from infected machines, can vouch for the devastating power of such a network, Simpson believes we haven't seen anything yet compared with what could happen.

According to Simpson, one potential target in the opening salvos of a virus war could be the antivirus update sites. As opening gambits in a battle go, effectively crippling the weapons of those you are attacking is a pretty decisive first move.

For the owners of these networks of compromised machines, Simpson says such an attack is "the obvious next step" and he believes that the gangs behind recent virus attacks will have been planning for some time.

Off the record, Simpson confirmed to silicon.com the names of two major antivirus companies who are taking this threat very seriously.

But not everybody is convinced, though many in the antivirus field are loathe to discuss the issue openly.

Raimund Genes, president of European operations at Trend Micro, said he believes that the network of compromised machines has a commercial purpose, perhaps for sale to spammers, and while he believes such an attack is unlikely, he says his company would cope with an attack on antivirus update sites.

"It would be a major headache and the clear-up operation would be huge, but we would cope," he said.

Other targets of DDoS attacks from compromised machines have included Microsoft, as well as bookmakers who have been the subject of extortion whereby they are threatened with a DDoS attack unless they pay a ransom.