What's in a Name?
Computer viruses have been around for decades, each one wrecking its own amount of havoc along the way before the next anti-virus program updates and eradicates it. Most of the time, because people are only concerned with getting rid of the virus so they can resume their normal computing habits, little attention is paid to how computer viruses are named. Knowing the name of a computer virus is not always necessary to get rid of it. With consistently updated anti-virus software installed on a computer system, viruses will essentially take care of themselves without consumers even knowing their name.
It is hard to determine exactly how a virus gets its name simply because each anti-virus company has its own naming conventions they use when developing the updates to locate and remove the virus on the computer system. There are no central naming conventions used, however, many viruses are named based on their characteristics.
Another complication in naming viruses comes from the fact that sometimes a virus thought to be a completely new virus is later discovered to be nothing more than a slight variation from another virus. When a variation of a virus comes along, it is usually given a name similar to that of the original; however, if the variation manages to receive an entirely new name before it is discovered as such, the entirely new name may be the one that sticks.
As a result of this, many viruses often end up with several names, making it even harder to track and build a consistent list of all viruses. Lists of computer viruses are available, but the length varies from hundreds to tens of thousands depending on the depth of research put into developing the list. There is no good way to verify the list due to duplicates, variations, and the speed at which new viruses are developed and named.
Aryeh Goretsky, Special Projects Manager of ESET, says, "I am afraid I do not predict any standardization of naming conventions in the future: The requirement to protect customers against threats means that they need to be added to malware signature databases immediately, and delaying an addition so that dozens of security product developer can agree on a name jeopardizes customer safety." In other words, if companies took the time to name all the threats they fix, more computers would be harmed by the threats because of the time it would take to name them.