Preston@DOCKMASTER.NCSC.MIL (02/28/90)
Is Jerusalem-B spread an indicator of the future? Jerusalem-B (Israeli variant) was apparently shipped about 1 week ago in a PC AT clone from one of the smaller companies. It was on a formatted hard drive with MS-DOS 4.01 installed. The company confirmed that they had been having a problem with that virus when contacted by the upset owner. An earlier contact with the company had resulted in a denial of a virus problem, and a claim of shipping 300 systems per day. The new owner, being innocent in the ways of viruses, had, within an hour, infected his master copies of Microsoft Works and an income tax program, and now has ordered replacements. This is the same virus shipped by the Census Bureau several weeks ago to about 300 users, according to published reports. There have been detection tools for this virus for months, rather than weeks, as in the case of some of the newer and "better" viruses. So far, indications from my experience and surveys are that most companies and users wait to learn from personal experience about viruses, rather than learning from others. Are these infections (with an old virus) an indication of what will happen when the large number of new viruses have had time to spread far enough? Or will the increasing availability of virus scanning tools and self-checking programs (like MS Works) intersect the "infected systems curve" soon? I don't recall seeing an "average rate of adoption" study for techniques to counter new classes of threats to information systems, but it appears that it may be in the 10%/year range or lower, at least initially. Charles M. Preston 907-344-5164 Information Integrity MCI Mail 214-1369 Box 240027 BIX cpreston cup.portal.com