Superviruses could threaten national security United Press International - May 30, 2000 17:38 By MICHAEL KIRKLAND WASHINGTON, May 30 (UPI) -- Government officials fear a new generation of computer superviruses could pose a national security risk, senior administration officials told United Press International. The new superviruses, already on the horizon, would be "self-executing" -- computer users receiving the virus through e-mail would not need to open an attachment or do anything else. Once received through e-mail, the supervirus would attack its host system automatically and spread itself to other victims on the user's e-mail address book. The prospect, and the monumental chaos it could create in the public and private sector, already has the National Security Council evaluating potential damage in terms of a threat to the national interest. In a "worst case," a global attack, a new virus would be a threat to national security "because we would be unable to control it though good security practices," an administration security official told UPI. A new "self-executing" virus "has a much higher potential (for damage) than the traditional viruses." E-commerce sites and government agencies already have been hit hard by traditional viruses and computer attacks this year. Earlier this spring, "denial of service" attacks -- launched against victims by "packets" secretly hidden in innocent computer system hosts -- temporarily crippled Yahoo!, E-Bay and some of the most affluent commercial sites on the Internet, striking government sites along the way. The attacks involved e-mail messages from the innocent host systems to the victims containing false or "spoofed" return addresses. When victim computer systems tried to answer the attacking e-mail at the false addresses, they were caught in a loop that eventually crashed the sites. Earlier this month, the "Love Bug" worm virus struck high-profile sites around the world. Victims were tempted to open an e-mail attachment by the worlds "ILOVEYOU" in the mail's subject line. Once opened, the virus in the attachment rewrote some files on the victim computer's hard drive. The "Herbie" worm virus that struck at least 1,000 systems in the United States last week was far more dangerous and insidious, though it used some of the coding contained in "Love Bug." In the new virus, the subject line in the e-mail was constantly changing -- it picked up the name of the last software application used on the system -- and once a computer user opened the attachment the virus began erasing almost all files on the system's hard drive. But for both "Love Bug" and "Herbie" a computer user had to open an attachment to release the virus. Because of publicity surrounding the "Love Bug" attacks, potential victims became wary later in May, and many computer users simply deleted "Herbie" e-mail when it popped up in their systems, according to the National Infrastructure Protection Center at the FBI. A new "self-executing" supervirus would have no such check because it would release itself automatically once it entered a system through e-mail, even if the e-mail is not opened. A European group of security experts already has experimented with the possibilities of a supervirus in a project called "Samhain," pronounced "sow in," after the Celtic predecessor to Halloween. The group developed a virus worm that theoretically could successfully hide within a system, would be very hard to kill and would not need action by a computer user to "execute" or activate itself. Its Polish developer stopped testing it in January 1999. U.S. security experts point to Samhain as a chilling portent of things to come. Unlike "Love Bug" or Herbie," which only affected PCs using Microsoft Outlook, Samhain was designed to strike all types of systems, including those using Microsoft, Linux or Solaris. The copyrighted Samhain report is available at http://lcamtuf.na.export.pl/worm.txt. The London Observer reported May 7 that a new version of the "Bubbleboy" virus was infecting computers and activating itself, even if a user did not open the e-mail attachment. The virus fortunately was benign. These and other reports are gradually beginning to alert the Internet community to the potential danger. "It's a two-stage race," an administration official said, speaking on background. "One, they (illegal hackers) are designing it (the new supervirus). Two, we're designing better operating software to make it less likely." The official conceded that complacency within the Internet community was a problem. "We want to ensure that all companies, no matter what their infrastructure bases, are taking effective precautions," he said. "We're concerned that e-commerce is opening significant vulnerabilities in companies that (traditionally) didn't have to concentrate on physical security. ... Now we're requiring them to have a really integrated security" both off- and online. Despite the threat and the seeming complacency in the private sector, the federal government is convinced the "good guys" will win in the long run. The dynamics of commerce "will make sure that businesses who don't practice good security will be penalized heavily" when they are struck down by virus attacks. In the meantime, government must institute "aggressive outreach programs" to the private sector, he said, to make sure the "good guys" win the race. -- Copyright 2000 by United Press International. All rights reserved. <A HREF="http://www.ctrl.org/">www.ctrl.org</A> DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are unwelcomed. Substance—not soap-boxing—please! These are sordid matters and 'conspiracy theory'—with its many half-truths, misdirections and outright frauds—is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRL gives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://home.ease.lsoft.com/archives/CTRL.html <A HREF="http://home.ease.lsoft.com/archives/ctrl.html">Archives of [EMAIL PROTECTED]</A> http:[EMAIL PROTECTED]/ <A HREF="http:[EMAIL PROTECTED]/">ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om