BGU%NIHCU.BITNET@VMA.CC.CMU.EDU (Bruce Guthrie) (09/18/89)
"Computer Virus Sparks a User Scare"
"Some Analysts Say the 'Friday the 13th' Fears Are Overblown"
by John Burgess
Washington Post, Sep 17 1989, pg H3
A computer "virus" that springs to life destructively on
Friday the 13th is on the loose, and across the country computer
users are rushing helter-skelter to protect their machines
against it.
Yet, with fewer than 10 verified sightings in a country with
tens of millions of computers, some experts are saying the threat
is being absurdly overblown.
"At this point, the panic seems to have been more
destructive than the virus itself," said Kenneth R. Van Wyk, a
security specialist at Carnegie-Mellon University's Software
Engineering Institute. He has been taking 20 phone calls a day
for advice on the subject.
Written as pranks or tools of sabotage, viruses are software
programs designed to spread surreptitiously through computer
interconnections and the exchange of the floppy magnetic storage
disks on which computer programs and data are recorded.
Once introduced into a machine, they transmit their own
instructions to the computer, causing it to destroy data or
display a surprise message on the screen.
The new one is known variously as the Datacrime, Columbus
Day, and Friday the 13th virus. Aimed at IBM-compatible personal
computers, it is designed to lie dormant and unnoticed in a
machine until Oct. 13, a Friday, and then activate as soon as an
unwitting user turns on the machine and "executes" a program.
(Many computers have internal calendars that make such
date-activated instructions possible.)
At that time, a message flashes on the screen:
DATACRIME VIRUS.
RELEASED 1 MARCH 1989.
Simultaneously, the virus erases a section of the machine's
disk storage unit that serves as an index to the information on
the disk [the FAT]. People with something more than basic
technical knowledge can fix the problem and recover the data,
however.
The federal government views viruses as a grave threat to
the nation's information systems and has set in motion special
programs to guard computers against them and to punish people who
introduce them.
The phenomenon received widespread public attention last
fall, when a virus written by a Cornell University graduate
student swept through the federally supported Internet research
network, replicating itself automatically over and over and
temporarily tying up 6,000 machines in one day.
The Datacrime virus, however, is targeted at computers that
for the most part are not linked in networks.
And it comes at a time when publicity has led many users to
take the basic precautions of "safe computing," avoiding free
software that is posted on bulletin boards, where the viruses may
lurk, and using only programs that come in factory-sealed
containers.
The Software Engineering Institute knows of fewer than 10
cases, Van Wyk said.
International Business Machines Corp. said Thursday is it
not directly aware of any. "If it was out there in any number,"
said Bill Vance, director of secure systems for IBM, "it would be
spreading and be more noticeable." October 13, he said, is not
likely to be "a major event."
At Centel Federal Systems of Reston, however, a different
mood prevails. It has been operating a toll-free hotline on the
virus, with six people working full-time. It has received more
than 1,000 calls, according to Tom Patterson, senior analyst for
security operations at the federal systems unit, which is owned
by independent telephone company Centel Corp. of Chicago.
Patterson said he began working on the virus about five
weeks ago, after receiving a tip from an acquaintance in Europe
that hackers there were planning to modify an existing virus and,
by dialing up electronic bulletin boards across the Atlantic,
release it in this country.
Subsequent investigation turned up specimens in this country
fitting the description he had received. Patterson said he had
dissected a version of it and, in tests, found that it could
penetrate a number of software products that are supposed to keep
viruses out. In recent days, he found one on the machines of a
Centel client. "The virus is out there," Patterson said. "It's
real."
Also active in the campaign is John McAfee, a
virus-protection specialist based in Santa Clara, Calif., who
runs a bulletin board on which he offers anti-viral programs.
His phone line has been constantly busy in recent days.
Concern has heightened with each new report of the virus in
the computer trade press and on at least one wire service, the
Associated Press, leading some security specialists to see the
panic as a self-fulfilling prophecy by the media.
Others wonder whether companies that make anti-viral
products are not happy to see the scare being pumped up.
"The more panicked people get," said Jude Franklin, general
manager of Planning Research Corp.'s technology division, "the
more people who have solutions are going to make money."
For $25, which it says is necessary to cover the cost of a
disc, shipping, and handling, Centel is offering software written
by McAfee that searches for the virus.
Patterson said Centel would be losing money on the discs [!]
but is doing it anyway. "I'm not trying to hype this," he said.
"I'm working 20-hour days... to get the word out."