Security industry adopts uniform virus names

The US Computer Emergency Readiness Team (US-CERT) has kicked off an initiative to create common names for Internet worms and threats. The Common Malware Enumeration (CME) initiative aims to reduce confusion with the general public that is caused by disparate naming schemes for internet threats.

A recent worm that used a known vulnerability in the Windows operating system for instance was referred to as Zotob.E by Symantec, W32/IRCbot.worm!MS05-039 by McAfee while Trend Micro christened it WORM_RBOT.CBQ.

Currently Internet worms are often named using information about the virus or a follow a description the author entered when crafting the malware. The new naming scheme uses a CME-number, with the first virus being called CME-1 and so forth.

A similar naming system already exists for security vulnerabilities in software, which uses a Common Vulnerability and Exposure (CVE) identifier that includes the year in which it was identified and a sequential number. The worm naming initiative however chose not to include date information because users incorrectly rely on the date information and culd take an ‘old’ vulnerability less serious. The project is backed by several of the leading security and software vendors including Computer Associates, McAfee, Microsoft, Symantec and F-Secure.