SHNS
| Home | The Wire | Contacts/Staff | History | Updates |
INTERNATIONAL HEADLINES

If you thought the 'love bug' was bad, just wait

By JASON BURKE and NICK PATON WALSH
London Observer Service
May 07, 2000

- You sit at your desk, park your coffee next to your mouse, fire up your computer and click to check your e-mail. And in that one tiny movement, before you have even looked to see if there are any suspicious messages, it could be too late.

Just by clicking on your "Get Mail" you could have turned your PC into a pile of useless plastic. It is every computer user's worst nightmare _ and it's coming soon to a screen near you. Brace yourself for the supervirus.

Meanwhile, the "love bug" has given us all a taste of what could be coming. Though its creator must be concerned about the police knocking on his door within hours, he must also be feeling fairly pleased with himself. The virus he set loose on the world on Thursday has already caused millions of dollars' worth of damage, more than any other virus or hacking attack since the dawn of cyberhistory.

The program worked because it was simple. It lay dormant for nearly a week before surfacing on computer screens in Hong Kong. The message _ seemingly sent by someone known to the computer user _ said "ILOVEYOU' and had an attachment which appeared to be a love letter.

Launching the attachment allowed a program to invade the computer, which not only sent copies of the e-mail to all the addresses listed on the machine but also scooped up all the passwords it could find and sent them back to the creator of the bug.

Those first clicks triggered a flood. Billions of pulses raced through the world's phone lines, spattering the virus in all directions. It was the fastest-spreading bug ever, infecting five million machines within 36 hours. Everyone from the Pentagon to the House of Commons to New Zealand universities was hit. An estimated 20 percent of the world's computers were affected.

Yet it could have been much worse. The love bug worked by proliferating at such a rate that Internet systems couldn't handle the overload. That may cause temporary collapse, but there's little long-term damage. The damage that this bug _ technically known as a "worm" _ did to picture and music files did cause problems, but these were far from catastrophic.

Cyber-sabotage of a more deadly kind by was indicated by a development in November when researchers at Network Associates, a computer security firm, received a series of e-mails with the subject heading "Bubbleboy is back!'. As they examined the virus, their eyes widened. It was, says Vincent Gullotto, director of the company's anti-virus team, "a watershed."

The Bubbleboy virus broke the long-standing rule that you have to open an e-mail attachment to become infected. By the time it was in your inbox it was too late.

Thankfully Bubbleboy, though it e-mailed itself to everyone in a computer's address book, did not have a "destructive payload' and so did little damage. Few took much notice of the quantum leap that it represented.

Virus writers have made advances in other areas. In April 1999 a virus called Chernobyl was activated in hundreds of thousands of computers in Asia and the Middle East, striking on the anniversary of the nuclear accident it was named after. Not only did it wipe out stored data, it destroyed BIOS _ the basic instructions that tell a machine how to start.

Now virus writers have married the destructive capabilities of Chernobyl with the invasive capabilities of Bubbleboy and the speed of the Love Bug. The combination is the supervirus.

According to experts, at least 50 such superviruses have already been detected on the Internet. None have yet been launched at the public. Some may not work; some may be shot down by existing virus defenses; some might get through. And that is the nightmare scenario.

A hacker known as "Dark Tangent," who heads a group which advises big businesses on their security, said the only surprise is that a "supervirus hasn't happened yet."

"For the last two years we've all been waiting," he said. "I don't know why we have not seen one. It could happen next week."

The damage a successful supervirus could do is almost incalculable. "It would be as if the Millennium Bug has actually done everything it was feared it could do," said one London-based computer security expert.

The first question confronting law enforcement agencies and commercial outfits hired to protect companies and institutions against such an attack is who would be likely to launch it. Authorities are focusing on the threat from terrorist groups, who they fear might use viruses to extort money or blackmail governments into giving in to political demands.

"The supervirus is going to happen soon," said a source close to British intelligence services. "There are people out there with that intention. They may coincide their actions with protests against the International Monetary Fund and the World Trade Organisation, just to muddy the water."

Many of the organizations connected with anarchist violence in London number hackers in their ranks.

Another threat is from hostile governments. The US defence department believes 120 countries pose a serious threat to cyber-security. They include Libya, Iraq, Croatia and Serbia. The Chinese are thought to have created military regiments dedicated to cyber-warfare.

Experts say national security authorities are only just waking up to the threat from the Internet _ a threat that will be magnified when technology allows e-mails to be read on mobile phone-type units.

Many experts also say the security agencies are looking in the wrong place. Mike Bluestone, director of Berkeley Security Bureau of London, said those who launch virus attacks are more likely to be "cyber-vandals," not "cyber-terrorists."

"Terrorists make targeted demands and like a high degree of control over their operations," he said. "A supervirus is more likely to be the brainchild of a spotty adolescent than some terrorist mastermind."

(Distributed by Scripps Howard News Service. For more Observer news go to http://www.guardian.co.uk/.)

 

 


SCRIPPS HOWARD NEWS SERVICE
1090 Vermont Ave. N.W. Suite 1000 Washington, D.C. USA 20005
GENERAL LINE: 1.202.408.1484  FAX: 1.202.408.5950

2000 Scripps Howard News Service.

All Rights Reserved.

 

Webmaster e-mail: shns@shns.com