While the “I Love You” virus created havoc worldwide, India was relatively less smitten by the love bug. In spite of early warnings, in India, more than 25,000 computers (out of a total base of 4.7 million computers) were infected by the love bug.
However, worldwide, this virus infected more than one million computers–within a time frame of 3-5 hours! The worst bit of news was that the love bug virus was followed by the equally virulent copycat virus.
The swift and malicious spread of the love bug virus shows our vulnerability and lack of adequate protection against viruses. Therefore, before we go ahead, let us understand what the virus is all about.
Through popular usage, “computer virus” has become a generic term for all program codes that deliberately cause mischief or damage in target computer systems. More accurately, a computer virus is defined as a piece of program code that is designed to reproduce by copying itself into other programs, modifying them to include a copy of the viral code, or evolved variations of it.
Typically, a virus either contains a “bomb” or a “worm,” which causes the intended damage. The “bomb” will have a code that will trigger it. The trigger may be based on virtually any system event decided upon by its author. A simple trigger may be nothing more than a counter that activates the bomb after the virus has copied itself a certain number of times. It could be a particular date such as Friday, 13th April. Alternatively, a virus may wait for a particular system condition like pay day, year-end closing or the presence (or absence) of a particular program or user ID. And during the entire time before the bomb is triggered, the virus is replicating itself into other programs at every opportunity.
The various variants of these malicious codes could be described as follows:
» A logic bomb or time bomb is any hidden code, whether standalone, contained in a virus or embedded in another program, that causes deliberate damage when triggered. A user can inadvertently spread a bomb by copying or transmitting the host program. The damage a bomb can cause may range from amusing or annoying screen messages, to the destruction of programs, data files, or even the hardware itself. In the worst scenario, subtle changes are made to data or programs, disks and systems.
» A Trojan horse is a program that appears to perform a legitimate function but contains a hidden bomb.
» A worm is a program that travels from machine to machine across network connections, often with the intent of clogging networks and computer systems as it spreads. The “love bug” had a worm in it.
» A black door or trap door is a hidden code written into an application that, when triggered, permits the knowledgeable user to gain unauthorized access to the system, bypassing normal security procedures.
Who makes these viruses? Actually, a virus can be authored by virtually any software literate person, and embedded into any program. In the present networked economy, where more that 360 million users are connected, virus authors are the ills of society. The “love bug” virus has reportedly caused losses exceeding US$ 10 billion! In many countries, the law allows the virus creators to be imprisoned. In India, as per the IT Bill pending in parliament, the virus creator can be fined up to Rs. 10 lakhs.
Now let us try to understand how the “love bug” virus struck. The “love bug” contained a self-replicating “worm” that attack PCs which used Microsoft Outlook e-mail. The virus was reportedly launched by computer vandals in the Philippines and came as an attachment to an e-mail that was blank or contained the message “kindly check the attached LOVE LETTER from me.”
Once a user opened the attachment file, the virus ran into the computer’s hard drive, deleted files and e-mailed itself to everyone in the Outlook address book.
If you were infected by the “I LOVE YOU” virus and hadn’t created backups of the multimedia files on your PC, you may have felt more hatred than love!
Anti-virus experts recommend that people, who receive e-mails with “I LOVE YOU” or other suspicious subject lines, delete them without opening the attachments. They are also advised to get up to date anti virus software running on their machines. For businesses with computer networks, system administrators were advised to set up filters that screened out e-mails with the incriminating subject line and file attachment.
The aftermath of the love bug virus clearly indicates that we are very vulnerable to virus attacks. We need to create better and more up-to-date anti-virus methodologies, so that viruses are killed before they spread. I am sure many youngsters will take this as a challenge and create better security systems. The fact is, the computer security software market in 2002 is expected to generate more than US$ 50 billion in revenues. Let Indian programming talent make the most of it and ensure that the world’s a more secure IT place!