Feds Hesitated in Love Bug Reaction

[William Knowles <wk () C4I ORG>]

http://news.excite.com/news/ap/000518/16/love-bug-impact

By MARCY GORDON, Associated Press Writer

WASHINGTON (AP) - The government failed to promptly detect the
devastating "Love Bug" virus and warn federal agencies, resulting in
substantial damage to agencies' computer systems and files,
congressional investigators testified Thursday.

The Pentagon considered calling up reservists to help contain the
virus, and the Department of Health and Human Services was rendered
incapable of dealing with a potential biological disaster, the
investigators found in a review of 20 agencies.

The government "was not effective at detecting this virus early on and
warning agencies about the imminent threat. Consequently, most
agencies were affected," Jack L. Brock, Jr., an expert on government
information systems at the General Accounting Office, told a Senate
subcommittee hearing. Testifying with him was Keith Rhodes, director
of computer and technology assessment at GAO, Congress' investigative
arm.

The "ILOVEYOU" virus crippled e-mail systems worldwide. When it struck
on May 4, the warning to agencies by the FBI's National Infrastructure
Protection Center came only at 11 a.m. EDT, hours after many agencies
were hit, Brock testified. In fact, he said, many agency officials
learned of the virus from other sources such as news reports,
companies doing business with the government and colleagues in Europe.

The initial warning notice on the NIPC's Web site was an advisory
only, and advice on dealing with the virus wasn't posted until 10
p.m., Brock said.

FBI spokesmen had no immediate comment on the investigators'
testimony.

Once the agencies were notified, they generally took prompt action,
spending thousands of hours fixing computer systems, investigators
found. But spreading the word through some agencies was difficult and
the few agencies that got early word of the virus failed to
effectively warn others, they found.

The virus "demonstrates several weaknesses in our government's ability
to detect and respond to fast-moving cyber events in a coordinated and
efficient manner," said Sen. Robert Bennett, R-Utah, chairman of the
Senate Banking subcommittee on financial institutions.

A private consortium of financial services companies had the earliest
warning and analysis of the virus in this country, beating the
government, Bennett noted. "It is clear that the government can learn
something from the private sector," he said.

The testimony of Brock and Rhodes provided a compelling snapshot of
the impact on federal agencies. Among the developments they cited:

-The Health and Human Services Department, which was flooded with
about 3 million bogus messages, had e-mail system disruptions of as
many as six days in some divisions. An official told the GAO
investigators that if a biological disaster had occurred, the "health
and stability of the nation would have been compromised."

-At the Pentagon, military personnel were pulled from their regular
duties to help contain the virus, and officials considered calling out
reservists if the virus attack continued over time.

-At least 1,000 computer files were damaged at the National
Aeronautics and Space Administration. Some files were recovered from
backup materials but others were not.

-The Social Security Administration needed five days to become fully
functioning and purged of the virus.

The "Love Bug" virus has been called the fastest-spreading and most
destructive computer virus ever, costing an estimated $950 million to
$15 billion worldwide. Starting in Hong Kong, it caused a flood of
e-mails with the subject line "ILOVEYOU" to worm its way into computer
systems around the globe.

When opened, the virus destroyed graphics and other saved files. The
"Love Bug" also installed a password-stealing program, experts say.
Several variations of the virus appeared soon afterward, including
confirmation of a Mother's Day gift order.

The virus wreaked havoc on European parliaments, school systems and
industry, often forcing shutdowns of their e-mail systems. Among the
big corporations hit were AT&T, Ford Motor Co., Lucent Technologies
Inc., Trans World Airlines and Dow Jones & Co. Inc.

On Thursday, investigators in the Philippines questioned at least
seven former members of a group of computer students linked to the
virus. The students denied any ties to the virus.

---

On the Net:

The FBI's National Infrastructure Protection Center:
http://www.nipc.gov/


*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions             http://www.c4i.org
*-------------------------------------------------*

ISN is sponsored by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".