Remember the Love Bug?

[William Knowles <wk () C4I ORG>]

http://www.wired.com/news/politics/0,1283,36699,00.html

by Lynn Burke
3:00 a.m. Jun. 5, 2000 PDT

It seems like ages have passed since the term "Love Bug" shed its
innocent meaning and adopted more of a "malicious worm that is causing
billions of dollars worth of damages worldwide" connotation.

The media has quietly backed away from the story, yawning at the
stalled investigation that has been stuck at a computer school in the
Philippines, and shrugging its shoulders at this virus that is so
over.

And while Filipino police continue to quietly interview 11 current and
former students at Manila's AMA Computer College, suspected of playing
a part in the Love Bug fiasco, a host of people, from recognized virus
experts to amateur computer sleuths and anonymous hackers, say
authorities are spinning their wheels.

Rick Downes, a consultant programmer for radsoft.net, an organization
of developers, systems administrators, lecturers, and IT trainers
based in Sweden, has carefully studied the closest thing investigators
have to a smoking gun in this case: a thesis submitted last spring by
former AMA student Micheal Buen. Investigators in Manila say that
thesis -- actually a computer program -- looks an awful lot like the
source code of the Love Bug worm.

Downes says they're nuts.

"There is absolutely nothing in there that resembles anything used in
the ILOVEYOU worm or associated Trojan," he said. "The appearance of
his source code is a far cry from the gibberish in the worm."

Jean Franois Gagn, 31, a now-unemployed computer technician-consultant
from Montreal who believes the "ILOVEYOU" worm originated in Brisbane,
Australia, said investigators "are not barking at the wrong tree, but
just barking at one root."

Jonathan Boxall, electronic crime-collection manager for the
Australian Federal Police, said the agency has asked Gagn for his
assistance in the case, but wouldn't comment on whether it was
pursuing any suspects in Australia.

James Atkinson, a technical counterintelligence engineer of Granite
Island Group in Gloucester, Massachusetts, has been following the case
from the start. He thinks investigators have bungled the job by
failing to explore other possible points of origin.

"It is impossible to accurately relate my feelings about the profound
incompetence and mediocre performance the FBI has recently
demonstrated in investigating cases like this," Atkinson said. "So far
I think that the investigation has made several U.S. law enforcement
agencies look like fools."  In fact, the FBI has been criticized for
its treatment of the virus in the United States, and was harshly
rebuked by a May 18 General Accounting Office report for failing to
adequately warn the government of the Love Bug in time for agencies to
protect themselves.

The FBI is only offering "no comment" comments about its handling of
the case.  "The investigation continues, we're following all leads,"
said FBI spokeswoman Debbie Weierman. "We are pursuing leads both
domestically and all around the world, and the National Bureau of
Investigation in the Philippines is continuing with their
investigations."

The results of those investigations may be moot, however.

Michael Toren, a former prosecutor in the Department of Justice's
Computer Crimes and Intellectual Property section, said even if the
feds track down a Manila perpetrator or perpetrators, there's little
chance anyone will be extradited to the United States to stand trial.

"It's not even clear that he actually committed a crime in the
Philippines," Toren said, adding that the country is not likely to
risk mass disapproval by sending one of its own into the jaws of the
U.S. justice system.

"There seems to be somewhat of a support with the young people in the
Philippines that one of their own -- without a lot of training -- was
able to do as much damage as he did," he said. "The Philippines
authorities really don't know what to do in this situation. My guess
is that the Philippines government just wants this to go away."

In addition to a lack of any real law by which to charge a suspect,
the Filipino government is busy dealing with a hostage crisis. Plus,
Toren points out, the country isn't wired the way the United States is
wired.

"Only a small amount of people have computers, and even fewer have
access to the Internet," he said. "It's not something that's really of
concern."


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".