'Love' Bug Damage Could Hit US$1 Billion

SAN FRANCISCO (05/05/2000) - New e-mail is taking an infectious turn at corporations and governments around the world, as virulent attachments continue to crash networks, delete files and prevent computers from rebooting.

Damage from the "I Love You" virus and its hybrids, including "Joke" and "Mother's Day," has been estimated by systems engineers at a staggering US$1 billion -- nearly half the global market for antivirus software. The notorious Melissa virus, by contrast, caused only $80 million in damage, most of it going to compensate network administrators for time spent cleaning up the fallout.

Melissa hit in March 1999.

The latest virus-worm hybrid (a virus is designed to copy itself from one file to another on a single computer, whereas a worm spreads from one computer to multiple computers) first hit Thursday as an e-mail with the subject line "I Love You." Opening the enclosed attachment sent the e-mail to people in the recipient's Microsoft Corp.'s Outlook e-mail address book and overwrote some artwork files, including JPEGs and MP3 files.

Just as companies began to right their networks after the proliferation of love letters on Thursday, the problem was compounded due to the "Love" bug's equally evil twin, "Joke." Soon after that came the Baltic version of the virus, an e-mail with the subject line "Let's have coffee together" in Lithuanian.

The "I Love You" virus-worm hybrid is believed to have been developed in the Philippines because it caches network log-in passwords and sends them in a text file to an e-mail address in that country. Philippine authorities reportedly are close to identifying the sender, CNN reported. Copycat virus versions that followed likely were designed by other hackers.

Today brought another attack via e-mail confirming a bogus Mother's Day gift order. The e-mail included an invoice attachment, which recipients were asked to print. If they did, the virus overwrote files used in system startup, making the computer difficult to reboot.

To protect their networks, many corporations, including Ford and Microsoft, shut down all or part of their e-mail systems. The U.S. Senate, the U.S Navy and the British House of Commons did the same At latest count, the number of virus strains was up to eight, according to Carey Nachenberg, chief researcher at Symantec's antivirus research center in Santa Monica, California. More could be on the way.

Dan Schrader, chief security analyst at Trend Micro, cautions computer users against attachments in general. "Don't open a file attached to e-mail unless you know why they sent it to you," he says.

And merely knowing the sender of an e-mail is no longer insurance against attack. Because these virus-worms use address book listings, the e-mail appears to be sent from a recipient's friend or colleague.

Such are the hazards of the e-mail-based corporate culture. "We've made a compromise between functionality and security, and functionality won out," says Nachenberg, who points out that the virus-worms are "not rocket science," illustrating how vulnerable corporate computer systems are to even the simplest viruses.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CNNMicrosoftSymantecTrend Micro Australia

Show Comments