As of early Tuesday, Killer Resume, which erases your PC's hard drive when you open a .doc attachment to an Outlook e-mail message, seems to have caused little damage. Ditto for NewLove, a short-lived successor to the Love Bug. But does the relative failure of these two nasty new viruses mean we have learned our lesson?
Yes and no, say virus experts. The Love Bug did help boost antivirus preparedness, especially within businesses, but plenty of vulnerabilities remain.
Unlucky in Love Bug
The Love Bug might have been better named the Las Vegas Virus, experts say, because most of its "success" was mainly luck. It was far from sophisticated, and it could have easily been written by virtually anyone with hacker tendencies.
Part of the Love Bug's explosive spread was due to timing. Released in the Far East in the middle of the night (U.S. time), it had already spread into U.S.-based mail servers by morning, allowing early users to start spreading it before system administrators were aware of the problem.
Another key to the Love Bug's success was its "subtle social engineering," says Roger Thompson, an expert on malicious code at the ICSA (http://www.icsa.net) , an independent organization that certifies antivirus and security software. Who, after all, can resist opening a message that says I love you?
The Bug Stops Here
But if you're not hooked up to a business network with its own mail server, chances are that you never saw the Love Bug.
I use a regional Internet service provider and receive an average of 100 e-mail messages per day, yet I never received a message with the Love Bug. (I did, however, receive about two dozen messages warning me about it.) ISPs were able to react quickly to filter out the Love Bug because they're "24-hour businesses that are open to the world and concerned about security," points out Jim Finn, a principal with the Enterprise Security Practice for Unisys (http://www.unisys.com) .
A Bigger Bang in Business
In the business world, though, the timing of the Love Bug's release meant the damage had already been done by the time information technology personnel were on the job. And Finn adds that even though filters were quickly added to stop the Love Bug at corporate Internet firewalls, the "soft insides" of many corporate networks allowed the virus to easily spread.
The damage caused by the Love Bug could have been far worse, and what kept a bad situation from getting worse were the Y2K security preparations that most companies made this year, Finn adds.
Although some companies took draconian measures, such as blocking all e-mail attachments, those measures were mostly short-lived. "After all," says the ICSA's Thompson, "the principle use of e-mail is to move stuff around."