World Tribune.com

Home Systems: Great Deals from Dell

Coming soon: WorldTechTribune

Email virus attacks - It's not just for Outlook anymore

By Scott McCollum
SPECIAL TO WORLD TRIBUNE.COM
February 6, 2002

This week's first Tech column covered those annoying unsolicited email messages known as "spam" along with a giving out a quick and free fix for it. Today's column will address a more serious and damaging threat to your inbox, the email virus.

The destructive track of an email virus follows the same path of a biological virus. Like a biological virus, the email virus infects your system, self-replicates and continues to spread and infect other systems. Unlike a biological virus, someone dedicated to spreading this viral code for the purpose of causing havoc and/or getting their name reported in the media always creates an email virus (and it's obvious that computer code is not naturally-occurring). I'm sure there will be those who read this and want to start in with the "X Files"-style secret government biological weapons/human genome conspiracy nonsense, but that's a Hollywood fantasy rather than honest, intelligent reason. Get real, kids.

During the 1990s, more people than ever got hooked up to the Internet with inexpensive PCs and the cyber-criminals wanted a piece of the action. With cyber-criminals, their use of an email virus is the knife to your throat just before robbing you or it can be the rock that smashes your window in an act of vandalism. The term "virus" is somewhat generic because email viruses have sub-classifications like Trojan horses and worms. There's not much difference between Trojans, viruses and worms because criminals with the intent to cause massive amounts of damage created them all.

Writers of almost any email virus regard them as a form of social protest. Think of it as similar to the hypocrite rich kids at some Ivy League university protesting the injustice of the capitalist system at a meeting of the World Trade Organization. In an effort to bring down the WTO, these protesters (elite members of the limousine left) smash in the windows of a McDonald's fast food restaurant (as if the McDonald's on a street corner in Quebec was the place where capitalism was manifest into a tangible item that could be destroyed). Virus writers for the Internet are of the same mind: An upper-middle class kid on his new 6,500 gilder Linux PC in Holland thinks that Microsoft is an evil capitalist business, so he writes a virus to infect PCs running Microsoft Outlook.

What makes the email virus more effective than breaking glass at McDonald's is how easily an email virus spreads: Literally millions of PCs around the world run Microsoft Outlook or a derivative program for email, meaning millions could potentially be infected. Burning a McDonald's down is illegal and destructive, but only the most weak-willed in society view the destruction of one McDonald's as a sign that hamburgers are evil. Contrast this to bringing down ten million PCs from Singapore to St. Paul with an email virus that only targets Microsoft Outlook. With the right spin (usually perpetrated by the lawyers, analysts and activists defending the cyber-criminals), an email virus becomes instructive rather than destructive. "This virus only works on Microsoft Outlook because Microsoft doesn't care about your personal safety," says an expert analyst with IDG after a particularly nasty email virus outbreak. "The only way to fix this is to move your PCs from Microsoft Outlook to a Linux-based solution." Of course, the analyst won't say that IDG is one of the leading sellers of Linux how-to books in the world...

2001 was a bad year for email virus attacks and 2002 won't be much better. At the moment there are thousands of websites dedicated to creating and spreading Microsoft Windows/Microsoft Office viruses. Add to those pages the hundreds of hackers willing to plug these ready-made viruses into email because of their duty to bring down the "evil capitalist Micro$oft hegemony" and you've got a recipe for lost data, man-hours and headaches for IT managers around the world. Is Microsoft to blame for these terrorist-like email attacks? Yeah, if you believe that McDonald's is to blame for free trade and capitalism around the world and must be dealt with by systematic vandalism during WTO protests.

The Microsoft operating systems are most often hit by email virus attacks, but the Unix and Linux systems that make up the majority of all web servers on the Internet are not immune to these attacks. A dirty little secret the *nix (a catch-all abbreviation used to describe Unix/BSD/Linux operating systems) users fail to mention is that Denial of Service (DoS) attacks like those perpetrated against Yahoo.com and CNN.com are usually launched by *nix servers. These zombie *nix servers were compromised via email virus attacks or by known security bugs in those *nix operating systems.

In 2001, Red Hat Linux had a rash of email virus attacks on their particular brand of Linux all of which were categorized as "dangerous." What's worse was the fact that few Linux users even bother with anti-virus software and depend on vigilance and "the Linux community" to alert them of virus attacks. Virus writers are overwhelmingly Linux users - do the Linux network admins expect the "virus writing community" to alert them of their nascent virus attack?

If you are a network admin or an individual and are concerned about email virus attacks, there are three things you can do:

1) Get some anti-virus software. On the Microsoft side, the Norton Anti-Virus product suite of apps is top notch, unobtrusive, automatically protects your system from infected email and very effective when updated regularly using the "LiveUpdate" feature. For Linux, Frisk International has a beta version of their commercially available F-Prot anti-virus software available for free.

2) Report email virus attacks to the authorities. The Department of Justice has a good website where you can report these criminals. There's no reason to wail and wring your hands about how there's not enough laws to protect you from email virus attacks because there's plenty already on the books. If a virus attack hits you, visit the DOJ's Computer Crime and Intellectual Property website and use those laws to your advantage.

3) Use some common sense. If someone that normally uses perfect grammar, spells like a walking dictionary and is totally humorless suddenly sends you an email with "FW: This is joke so funny!" in the subject line and a body that reads: "I red this joke and saw it so funny. Click on attached file to read joke" Ñ DELETE THE EMAIL IMMEDIATELY. It might be politically incorrect, but everyone should all start "email profiling." If you don't know the person or entity sending the attachment, NEVER open it and see tip #1.

My next column will delve into the strange and ridiculous world of email hoaxes and rumors. <>

Email your comments to scott@worldtechtribune.com
 

Print this Article Print this Article Email this article Email this article Subscribe to this Feature Free Headline Alerts