The following is an archived copy of a message sent to a Discussion List run by the Campaign Against Sanctions on Iraq.
Views expressed in this archived message are those of the author, not of the Campaign Against Sanctions on Iraq.
[Main archive index/search] [List information] [Campaign Against Sanctions on Iraq Homepage]
I just received this. I thought that it was pretty important to distribute! So I'm sending it to all of you. Vicki ----- Original Message ----- From: <zevei@ibm.net> To: <zeveiwolf@aol.com> Sent: Sunday, March 28, 1999 1:59 PM Subject: New York Times Article on Virus "taking internet by storm" 3/28/99 > ________________________________________________________________________ > > F r e e d o m * Linking Palestinians & Their Friends * help@alquds.net > ________________________________________________________________________ > > This article appeared in the Sunday New York Times of 3/28/99 > > > > > March 28, 1999 > > > New Fast-Spreading Virus Takes Internet > by Storm > > By MATT RICHTEL > > AN FRANCISCO -- A rapidly spreading computer virus forced > > several large corporations to shut down their e-mail > servers on > Friday night as it rode the Internet on a global rampage, > several leading > network security companies reported Saturday. > > The security companies said early reports of the virus, which > is carried by > e-mail, led them to believe that tens of thousands of home and > business > computers had been infected on Friday alone. The virus > reproduces itself > exponentially, they said, trying to use each infected message > to send 50 > more infected messages. > > "This is the fastest-spreading virus we've seen," > said Srivats Sampath, general manager for the > McAfee Software division of Network > Associates, a Santa Clara company that makes > anti-virus software. > > Network security experts said that the virus > appeared to do no harm to the machines it > infected and that individuals could easily disable > it. But they said its purpose is to interrupt networks by > replicating itself so > rapidly that it overwhelms networks and e-mail servers, the > electronic > post offices that direct message traffic. > > E-mail infected with the virus, which its creators call > Melissa, has a topic > line that begins, "Important Message From." Next is the > sender's name, > which is often the name of a friend, fellow worker or someone > else > known to the recipient. > > The message within the e-mail is short and innocuous: "Here is > that > document you asked for ... don't show anyone else ;-)" > Attached to it is a > 40,000-byte, or 40K, Microsoft Word document named list.doc. > > When the recipient opens list.doc, the Melissa virus > automatically > searches for an e-mail address book. It then sends a copy of > itself -- the > message and attachment -- from the recipient to the first 50 > names it finds > in the recipient's address book, which accounts for the rapid > acceleration > across the Internet. > > The virus is known to spread rapidly with two popular e-mail > programs, > Microsoft Outlook and a slimmed-down version of the same > program, > Microsoft Outlook Express, which is part of the Windows 98 > operating > system and is often installed with Windows 95. > > Network security administrators said they had seen no evidence > that > Melissa was able to open and use the address books in other > e-mail > programs, but they did not rule out the possibility that it > could and would > do so. > > Several anti-virus software makers posted software on their > Web sites > that their customers can download to detect the virus-encoded > message > and refuse it. > > A fix for the general public was available on > www.sendmail.com, the > Web site of Sendmail, the Emeryville company whose post-office > > software is often used to direct mail on the Internet. > > Eric Allman, a co-founder of Sendmail, said he was concerned > that the > problem would worsen on Monday morning when employees find > these > messages in their e-mail in-boxes. "This will get into a lot > of mail boxes > and lay dormant," he said. "When employees come in at 8 a.m. > and read > these messages, it will cause an explosive growth of the > virus." > > Allman characterized the virus' virulence as "not the worst > I'd seen, but > it's pretty bad." He added, however, that it appeared to be > the > fastest-replicating virus he had seen. > > Individuals can avoid contracting or spreading the virus > simply by not > opening the attachment that accompanies the e-mail. Opening > the > message alone will not cause the virus to copy the address > list and send > itself out. > > Alternatively, users can disarm the virus by disabling the > type of program > that contains it -- "macros," which are small applications > used to > automate tasks in Microsoft Word documents. Disabling macros > in > Microsoft Word will render the virus ineffective. > > Officials from Microsoft said they were not certain of the > magnitude of > the virus and emphasized that it could be easily disarmed. > Adam Sohn, a > company spokesman, said, "If folks are careful about what runs > on their > machine, they'll always be fine." > > The virus overwhelmed employees on Friday at GCI Group, a > public > relations firm with offices throughout the United States. > > One contract employee, who exchanges mail with a number of > company > employees, said she received more than 500 messages during the > day. > > "It hosed my entire day," said the employee, Leigh Anne > Varney. "You > can't print the words I used. I've never had this happen > before." > > This hardly is the first virus to attack and spread > automatically via e-mail, > but it is the first to move from being a controlled, > essentially experimental > form "into the wild," said Dan Schrader, director of product > marketing > for Trend Micro, an anti-virus software maker in Cupertino. > > The rapid spread of the program was reminiscent of a 1988 > program, > known as a worm, written by Robert Tappan Morris, then a > graduate > student in computer science at Cornell University. Morris' > program > spread through the Internet with remarkable speed, ultimately > disabling > more than 6,000 computers. > > However, the Internet was tiny in 1988 compared with the size > of today's > network. As a result the potential for the spread of the > program is truly > vast. > > "We haven't seen anything impact this many people on the > Internet in a > long time," said Schrader. He said that three of his company's > customers > had temporarily shut down their e-mail servers to delete the > infected mail. > > Whoever wrote the virus also left the message "W97M -- > Melissa." The > note said the virus was created by "Kwyjibo," which Trend > Micro > officials speculated is a reference to the television show > "The Simpsons." > In an episode of the Simpsons titled "Bart the Genius," Bart > Simpson > wins a Scrabble game by using the "word" Kwyjibo. > > The theory dovetails with a second impact of the virus: Once > the virus > has infected a computer, it will type a message on the screen > when the > time of day corresponds to the date (on March 26 it would be > 3:26). The > message reads: "Twenty-two points, plus triple-word-score, > plus 50 > points for using all my letters. Game's over. I'm outta here." > > > > Related Sites > These sites are not part of The New York Times on the Web, and > The Times has > no control over their content or availability. > > CERT Coordination Center, Carnegie Mellon University: > Melissa > Macro Virus > > Network Associates: Melissa Virus Alert > > McAfee Online : Melissa Virus Profile > > Trend Micro: Melissa Virus Alert > > Sendmail > > The Morris Internet Worm: Background > > > Matt Richtel at mrichtel@nytimes.com welcomes your comments > and suggestions. > > > > > > > > Home | Site I > > -- ----------------------------------------------------------------------------- This is a discussion list run by Campaign Against Sanctions on Iraq. To be removed/added, email soc-casi-discuss-request@lists.cam.ac.uk, NOT the whole list. Archived at http://linux.clare.cam.ac.uk/~saw27/casi/discuss.html