Information Security News mailing list archives
FBI computer bug squad defends readiness
From: William Knowles <wk () C4I ORG>
Date: Sun, 21 May 2000 12:55:20 -0500
http://www.techserver.com/noframes/story/0,2294,500206728-500288285-501556612-0,00.html By THOMAS HARGROVE, Scripps Howard News Service WASHINGTON (May 21, 2000 2:43 p.m. EDT http://www.nandotimes.com) - The FBI sounded the alarm about the "New Love" computer virus Friday - just hours after congressional investigators concluded that authorities have "not been effective" in rapidly responding to computer threats. The eruption of the polymorphic virus - so-called because the latest version of the devastating "I LoveYou" e-mail virus is able to change its name - again taxed law-enforcement officials' ability to protect cyberspace. "We jump on these as quickly as we can," said Michael Vatis, deputy assistant FBI director and chief of the agency's National Infrastructure Protection Center. "We started notifying other agencies at approximately 2 a.m. (EDT Friday)." Vatis defended his agency's response time. He said the FBI must first "check with other sources to see if this is a significant virus" before warning the public. "We have all been up all night, so I'm glad that the FBI was up with us," joked Marian Merritt, a group product manager at Symantec Corp., a California firm that studies computer viruses and markets anti-virus software. Symantec issued a consumer warning at 8 p.m. EDT Thursday that it had identified "a polymorphic variant of the Love Letter virus with an extremely destructive payload." The virus, if activated by opening an attachment to an e-mail message, will destroy almost all the files in a computer. Vatis said the FBI learned of the virus "just slightly before" it began warning federal agencies and private industry groups. Investigators at the General Accounting Office on Thursday criticized the protection center's response time following discovery of the I LoveYou virus May 4. The General Accounting Office is a congressional agency that audits federal programs. Jack Brock Jr., director of the office's government and defense information systems division, said the FBI first learned about that May 4 virus at 5:45 a.m. EDT when agents were warned by a private computer firm. Even as sensitive computer systems in the Department of Defense were being harmed by the virus, he said agents "checked other sources in attempts to verify the initial information with limited success." Brock said the FBI did not issue a warning "until 11 a.m. - hours after many federal agencies were reportedly hit." He said the agency "did not offer advice on dealing with the virus until 10 p.m. that evening." But Vatis defended the caution his agency uses before issuing warnings. He said computer mischief makers are writing 20 or 30 new viruses a day, although few have the disruptive potential of the Love Letter bug. "Frankly, that is why it's necessary to assess the spread and the destructive potential of a virus before we leap into action by issuing warnings and doing other things," Vatis said. "Not every virus really makes it out in any significant way. Right now, there are over 50,000 viruses known to be out there to some degree." The newest virus appears to have had little impact. Vatis said the FBI estimated it had infected "upward of 1,000 machines" scattered in the United States and around the world by Friday morning - nothing compared to the I Love You bug that caused up to $10 billion in damage. Merritt said the design of the New Love virus was flawed. "The damage it causes is so bad that it tends to destroy its host computer before it can disseminate itself too far," she said. *-------------------------------------------------* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen. Alfred. M. Gray, USMC --------------------------------------------------- C4I Secure Solutions http://www.c4i.org *-------------------------------------------------* ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- FBI computer bug squad defends readiness William Knowles (May 21)