Users Feel Bite In Year Of Computer Buggreenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread
Just when you thought it was safe to return to the water.. Of course if you don't have any power then viruses won't hit until you power up I think?
SAN FRANCISCO (Reuters) - The year started with ``Happy 99'' -- a computer bug disguised as a garish online greeting card, and it will end with Y2K. In between, it's shaping up as the year when hackers and virus writers became a lot more evil and effective.
``The (bug) programs are getting more sophisticated, more complex, with more functions -- and they are definitely coming more often,'' said Mark Zajicek, of Carnegie Mellon's Software Engineering Institute Computer Emergency Response Team.
The ExploreZip worm that hit this week was the third major outbreak, an e-mail-delivered program that hit thousands of computer users last Friday and Saturday and lost steam early this week.
The three major outbreaks have already caused damage estimated in the hundreds of millions of dollars this year, and computer experts are forecasting a high level of activity that might well crescendo at the start of the year 2000.
``Y2K is certainly going to be a big target,'' said Wes Wasson, director of anti-virus products at computer security giant Network Associates Inc. (Nasdaq:NETA - news) ``Virus writers are notorious for using 'trigger dates' in their payloads.''
Companies have spent billions of dollars to keep their computer systems from failing as programs shift to the ``00'' at the new year, requiring the rewriting of millions of lines of code. Virus writers are almost certain to ``exploit the confusion surrounding the Y2K problem,'' Wasson said.
The world of hackers and virus writers often mirrors what happens in the commercial software world. Malicious code writers copy each others' work, competing to create the most ''features,'' often sharing technology over the Internet.
Hackers frequently work in groups, attacking, for example, military targets or government offices or corporate Web sites in organized waves.
While hackers specialize in breaking into systems and often have political or anti-authority agendas, virus writers are ''impact players'' trying to do as much damage as possible.
Increasingly the distinctions between the two camps are blurring, and widespread attacks are being combined with programs that do damage.
``They're not just digital graffiti writers anymore -- there are people out there doing real damage,'' said one corporate computer system manager.
``There are much more insidious problems lurking out there that haven't been seen yet,'' added Peter Neumann, chief scientist for Palo Alto, Calif.-based SRI International. ``A lot of serious problems exist that people have to face up to.''
The year's first big computer invader, ``Happy 99,'' looked like the work of some precocious pre-teen who spends time downloading groovy graphics from the Internet, just to send them on to friends. The e-mail contained a graphic of an on-screen fireworks display, a glittery stream of colored light that could have made a nice screen saver.
But ``Happy 99,'' it turned out, carried more than a New Year's greeting. It launched a computer program that destroyed data and made public exposed users' confidential data -- and it signaled the start of a year in which thousands of viruses would be unleashed over the Internet.
Happy 99 didn't spread far. But others did. The Melissa virus, appearing at the end of March, gained notoriety because it was the fastest-moving virus ever seen, hitting hundreds of thousands of computers around the world. The Chernobyl virus rendered a relatively small number of computers inoperable in this country, but hit many machines in Asia.
The creators of Chernobyl and Melissa signed their names to key pieces of software, which led to their apprehension by authorities. But ExploreZip's writer appears to have used the stealth style used by computer hackers who go to great lengths to hide their tracks.
``The hackers are just pointing out our vulnerabilities,'' said SRI's Neumann. ``This is a massive problem that shows the short-sightedness of the industry in dealing with security. The computer infrastructure is not being protected.''
But Network Associates' Wasson said authorities are finally taking the threat more seriously.
``When we get a problem, the FBI is on the line fast now -- but that wasn't the case a year ago,'' he said.
Corporate users have been taking a proactive approach to fighting viruses as well, say those in the industry.
But a more negative reaction could begin to set in if more people are hit by an increasing number of system failures, said Mark Radcliffe, a partner in the Palo Alto, Calif., law firm of Gray Carey Ware & Freiderich.
Already, law firms are bracing for an explosion of Y2K lawsuits. Virus suits might soon follow.
``So far the anger is turned on virus writers and the hackers -- and there is a feeling of 'we're all in this together,''' said Radcliffe. ``But as things evolve the reaction could get nastier. People could become less patient and look for somebody else to blame. Then you'll see litigation.''
-- y2k dave (email@example.com), June 16, 1999
Gee... and we still have 6 months to go. With the pace increasing like it is, I would guess that we'll have another 5 virus/worms this year followed by at least 6 that will be triggered by 1/1/00. FWIW.
-- DJ (firstname.lastname@example.org), June 16, 1999.
I think there will be an tremendous amt of virus's let lose btwn November and Feb. If they can inflict damage before during and after roll over they will have quite an impact on our society without blowing up a single building.
-- Moore Dinty moore (email@example.com), June 16, 1999.