millennium viruses-something else to factor into the equation

greenspun.com : LUSENET : Electric Utilities and Y2K : One Thread

While this may initially seem OT, it is not. It is just one more thing to deal with at the end of the year. The power industry is mentioned as one of the industries at risk.

Y2K Risk Assessment Task Force:

Chairman: Sam Nunn, former U.S. Senator

Vice Chairmen: Bradley D. Belt, Director, International Finance and Economic Policy; Arnaud de Borchgrave, Director, Global Organized Crime; William Garrison, Director, International

Communications - The Melissa virus and the Chernobyl virus recently demonstrated how easy it is to disrupt a system and cause millions of dollars worth of damage. They are only the tip of the iceberg. There are more than a hundred millennium viruses being developed, while all the effort around the Year 2000 computer problem is focusing on changing the date fields in mission critical systems. The impact of the Melissa virus and the Chernobyl virus pales in comparison to the impact that these millennium viruses could have, especially if they all hit at the same time.

Security expertise and communications engineering knowledge have virtually become second nature to today's computer savvy youth. As a result, the quality and the sophistication of simple viruses has significantly increased. Witness the Melissa virus, a simply coded virus which was totally benign in its nature. But, its sophisticated concept of carrier broadcast, which allows a virus to replicate itself and spread rapidly through a system, ultimately created an atmosphere of panic.

More recently, the Chernobyl virus wreaked havoc in the Middle East and Asia as well as some European countries. This virus, which was set to activate on the anniversary of the Chernobyl incident, attempts to corrupt the data on the hard drive, while at the same time tampering with the boot up (BIOS) program, without which the computer can not be turned on. South Korea for instance, estimates that up to 15 percent of all its computers may have been affected causing damage of up to $250 million. Other areas of the world also suffered extensive damage. The United States, on the other hand, has remained largely unaffected. The reason for this is that experts in the United States have known about the Chernobyl virus for nearly a year and were able to make preparations by updating the anti-virus software and by being vigilant.

The same can not be said about millennium viruses. There is very little, easily accessible public information on them, making it difficult to assess the threat. But, the problem must be taken seriously. As Jeremy Phillips, President of PS Technologies, points out, "anybody who has ever worked with viruses will understand why these viruses are not widely known. Simply, a virus is not usually known about until it strikes for the first time. As these viruses are specifically coded not to activate until the computer clock is either 00 or 2000, there is no reason to suspect that they exist. However, they do."

According to Mr. Phillips, there are more than 130 computer viruses that are set to activate at the stroke of midnight 2000. Most of these viruses are harmless, falling into the "nuisance category." A number of the known viruses (10-12), on the other hand, are designed with specific malicious intent. If these viruses all strike at the same time, they have the potential to make a bad situation worse. Systems administrators, already stressed with ensuring the seamless Y2K roll-over, may be pushed to a breaking point increasing the probability of human error and widespread system failures.

What do some of these millennium viruses do?

Benign Viruses: As stated earlier, most of the millennium viruses are, according to tradition, child-like and non-malicious in their intent. One virus, for instance, creates a picture on your screen of death holding a new-born baby with the numbers "2000" over his head. Seventeen other viruses just display the number "2000" on the screen, and then have it explode in confetti. Although potentially very annoying, these types of viruses cause no lasting damage and are easily removed.

Malicious Viruses: The most dangerous "strains" of millennium viruses are being developed by groups that are small, well financed, and located outside of the United States. In some cases, the programmers who design the viruses have set up companies in neutral countries that do software/computer consulting. Profits from their legitimate activities are then used to finance more nefarious projects.

The malicious millennium viruses, if left unchecked, could cause serious damage to various areas of the international infrastructure, especially the international telecommunications infrastructure. One virus, for example, specifically targets major companies' telephone Electronic Switching Systems, randomly rerouting calls. Three other malicious viruses will actually lock a processor in a divide by zero loop, which, if left running for a sufficient amount of time, will overheat the Central Processing Unit, causing it to melt down and effectively reducing the computer to scrap metal. Similarly, a different virus will wreck monitors by tampering with the video card, causing them to overheat and be destroyed. Another virus affects applied industrial systems that monitor key processes such as conveyer belt operations, the temperature regulation in power plants, labeling of food products, and even payroll systems. What the virus does is disregard the true information, inserting random quotes where information is requested. This could cause the total recall of a product because it was falsely labeled to be safe for children, when in actual fact it is not.

Lastly, there are two viruses that affect the Domain Name Service (DNS) automated directory assistance for the Internet, linking the name of a web site with the corresponding Internet Protocol (IP) address. These two viruses are non memory resident parasites, meaning that they need an application that is integrated in the DNS server in order to exist. These parasite viruses shuffle the directory systems (the resolution tables) so that the web sites no longer match their IP numbers. As a result, for example, rather than reaching the CNN web site, a totally different web site is accessed. As systems security expert, Sam Schubert, points out, "depending on which DNS server is targeted, viruses of this nature have the potential of crippling the Internet."

Awareness a Priority: The viruses briefly described above are just a few examples of the types of viruses that are being developed and that are set to activate in the confusing environment of the millennium change over. About 98 percent of them, both benign and those with system lethal intent, originate outside U.S. borders i.e. outside U.S. control. This makes it extremely difficult to get a handle on the problem, which is why awareness needs to be a priority. If several of the malicious viruses were to hit at the same time as widespread Y2K failures, the stress on the system would be severe. It would take days, more likely months, to clean up and, in some cases, rebuild the system. Anti-virus software may not protect against these viruses since the majority of them have not been studied and included in the anti-virus software. The only way to mitigate possible effects is through heightened awareness and constant vigilance.

-- Anonymous, May 14, 1999

Answers

This came up in March, but with little discussion. You might want to look over the thread, "Trojan Horses and Millenium Viruses: Valid Concern?" at:

http://www.greenspun.com/bboard/q-and-a-fetch-msg.tcl?msg_id=000cdv

I haven't checked the URL to see if it is still good.

-- Anonymous, May 15, 1999


"lock CPU in permanent divide by 0 loop" and melt down CPU? It has been a LONG time since I heard that, so long in fact, that I don't even remember what name it went by last time around. Some things never die.

-- Anonymous, May 17, 1999
