May 18, 2000 - 05:35 PM

Government Delay Found to Have Caused Agencies Serious Problems By Marcy Gordon Associated Press Writer

WASHINGTON (AP) - The government failed to promptly detect the devastating "Love Bug" virus and warn federal agencies, resulting in substantial damage to agencies' computer systems and files, congressional investigators testified Thursday. The Pentagon considered calling up reservists to help contain the virus, and the Department of Health and Human Services was rendered incapable of dealing with a potential biological disaster, the investigators found in a review of 20 agencies.

The government "was not effective at detecting this virus early on and warning agencies about the imminent threat. Consequently, most agencies were affected," Jack L. Brock, Jr., an expert on government information systems at the General Accounting Office, told a Senate subcommittee hearing. Testifying with him was Keith Rhodes, director of computer and technology assessment at GAO, Congress' investigative arm.

The "ILOVEYOU" virus crippled e-mail systems worldwide. When it struck on May 4, the warning to agencies by the FBI's National Infrastructure Protection Center came only at 11 a.m. EDT, hours after many agencies were hit, Brock testified. In fact, he said, many agency officials learned of the virus from other sources such as news reports, companies doing business with the government and colleagues in Europe.

The initial warning notice on the NIPC's Web site was an advisory only, and advice on dealing with the virus wasn't posted until 10 p.m., Brock said.

FBI spokesmen had no immediate comment on the investigators' testimony.

Once the agencies were notified, they generally took prompt action, spending thousands of hours fixing computer systems, investigators found. But spreading the word through some agencies was difficult and the few agencies that got early word of the virus failed to effectively warn others, they found.

The virus "demonstrates several weaknesses in our government's ability to detect and respond to fast-moving cyber events in a coordinated and efficient manner," said Sen. Robert Bennett, R-Utah, chairman of the Senate Banking subcommittee on financial institutions.

A private consortium of financial services companies had the earliest warning and analysis of the virus in this country, beating the government, Bennett noted. "It is clear that the government can learn something from the private sector," he said.

The testimony of Brock and Rhodes provided a compelling snapshot of the impact on federal agencies. Among the developments they cited:

-The Health and Human Services Department, which was flooded with about 3 million bogus messages, had e-mail system disruptions of as many as six days in some divisions. An official told the GAO investigators that if a biological disaster had occurred, the "health and stability of the nation would have been compromised."

-At the Pentagon, military personnel were pulled from their regular duties to help contain the virus, and officials considered calling out reservists if the virus attack continued over time.

-At least 1,000 computer files were damaged at the National Aeronautics and Space Administration. Some files were recovered from backup materials but others were not.

-The Social Security Administration needed five days to become fully functioning and purged of the virus.

The "Love Bug" virus has been called the fastest-spreading and most destructive computer virus ever, costing an estimated $950 million to $15 billion worldwide. Starting in Hong Kong, it caused a flood of e-mails with the subject line "ILOVEYOU" to worm its way into computer systems around the globe.

When opened, the virus destroyed graphics and other saved files. The "Love Bug" also installed a password-stealing program, experts say. Several variations of the virus appeared soon afterward, including confirmation of a Mother's Day gift order.

The virus wreaked havoc on European parliaments, school systems and industry, often forcing shutdowns of their e-mail systems. Among the big corporations hit were AT&T, Ford Motor Co., Lucent Technologies Inc., Trans World Airlines and Dow Jones & Co. Inc.

On Thursday, investigators in the Philippines questioned at least seven former members of a group of computer students linked to the virus. The students denied any ties to the virus.

---

On the Net:

The FBI's National Infrastructure Protection Center: http://www.nipc.gov/

AP-ES-05-18-00 1727EDT ) Copyright 2000 Associated Press.

http://ap.tbo.com/ap/breaking/MGIHZOQWE8C.html

-- Martin Thompson (mthom1927@aol.com), May 18, 2000