- The Washington Times - Friday, May 5, 2000

Computers in offices from the House of Representatives to the District of Columbia's mayor's office were hit by a new e-mail virus Thursday that apparently started in the Philippines but rendered e-mail systems worldwide useless.
At least 270,000 U.S. computers at homes and offices were infected by the so-called "love bug" Thursday, but the figure was expected to rise dramatically, security experts predicted.
The virus spread with amazing speed through e-mail networks as computer users unwittingly forwarded it when they opened an attachment on messages with "ILOVEYOU" in the subject line to all correspondents listed in e-mail address books.
Once activated, the virus also was forwarding itself to people on Internet relay chat lists, a form of instant messaging.
The FBI's National Infrastructure Protection Center began an investigation, interviewing employees from a range of private companies and government institutions whose computer networks were infected by the virus.
"We are following leads," said Michael Vatis, director of the National Infrastructure Protection Center. "Viruses are difficult to investigate because there isn't a single, coherent trail of evidence to follow, but we are examining the source code to see if there's any indication who may have started this."
The virus struck an estimated 180 U.S. companies by Thursday afternoon, said Jeffrey Carpenter, senior Internet security technologist for the Computer Emergency Response Team, which tracks computer viruses at Carnegie-Mellon University.
That was a more widespread attack than most viruses make, Mr. Carpenter said.
The attack resulted in huge volumes of mail being sent, which in turn shut down some servers that support e-mail service.
Bill Shapard, press secretary for Rep. J.C. Watts Jr., Oklahoma Republican, got 150 "ILOVEYOU" e-mails by midday Thursday and watched the virus render his e-mail program useless as the messages clogged the server.
"We've become so dependent on e-mail, when something like this happens, it brings us to a grinding halt," Mr. Shapard said.
Signs on office doors of members of Congress warned arriving staff members not to open the infected e-mails.
Ford Motor Co. shut down its e-mail system Thursday after the virus infiltrated its system in Europe.
D.C. government spokesman Linda Argo said about 100 of the District's estimated 15,000 computers were infected.
"We absolutely dodged a bullet," she said.
The Defense Department did not.
"We do not love the 'love bug' virus," Defense Department spokesman Kenneth Bacon said.
Computers with unclassified information were infected by the virus, but the department didn't indicate the number of computers infected. Computers classified for security purposes remained unharmed, he said, but the Army and the Navy both shut down their e-mail systems in the Pentagon temporarily.
The virus is released when attachments are opened on computers using Microsoft Outlook, a software program that runs e-mail. Once the virus infects a computer, it can destroy files on the user's own hard drive and on networks to which the user is connected.
The virus was erasing the content of music and photo files which are labeled by the suffixes .jpg, .jpeg, .vbs, .mp3 and .mp2 and copying itself into those files.
Computers using programs other than Microsoft Outlook, including Apple Computer products, appeared to withstand the virus.
Experts at the two major U.S. anti-virus software companies Symantec Corp. and Network Associates had updates to their anti-virus software to protect against the "love bug" by Thursday afternoon and made them available on the Internet.
Computer users whose systems were hit by the virus had no choice but to reinstall infected software.
Contaminated e-mails apparently originated from an Internet service provider in the Philippines, Mr. Bacon said.
Mr. Vatis declined to say whether NPIC will focus on the Philippines.
"We are looking into that, but it's too early to say where the attack originated," he said.
Security experts said the "love bug" was not a sophisticated program.
"A competent programmer could have written this in four hours. This is not rocket science," said Tim Belcher, executive vice president at RIPTech Inc., an Alexandria, Va., computer security company.
The "love bug" was more invasive than the attack last March of the Melissa virus, said Ben Venzke, manager of intelligence production at Infrastructure Defense Inc. in Alexandria.
The Melissa virus was designed to send infected mail to just the first 50 names in a computer user's address book. The "love bug" sends mail to all names in an address book.
"It wouldn't surprise me if it goes beyond the number that Melissa infected," said Patrick Martin, product manager for anti-virus research at Symantec, developer of Norton anti-virus software.
David Lee Smith pleaded guilty to disrupting some 1.2 million computers by spreading Melissa, which struck in March 1999. A hacker released Chernobyl, another virus delivered by e-mail, in April 1999.
Security experts have identified about 47,000 viruses, Mr. Martin said.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide