A Pandora's box of digital nastiness

Published Aug. 30, 2003|Updated Sept. 1, 2005

Recent days have been the worst ever for people protecting against digital nasties. Never before has the world seen such a barrage of viruses attacking home and business computers alike.

It started with the Blaster worm, breaking into computers if they connected to the Internet without having a "patch" correcting a critical hole in Microsoft's Windows code. Blaster caused computers to grind to a halt by forcing Windows XP to reboot computers every few minutes, making work impossible.

Around Aug. 12, Blaster began spreading rapidly because so many people thought you could get a virus only via e-mail and had not downloaded the patch from Microsoft. One inventive author even wrote an anti-Blaster worm called Nachi, which attempted to clean up infections of the earlier worm and put Microsoft's patch in place. However, it only ended up causing more disruption to networks as it ran without the permission of users. "Good" viruses are always a bad idea.

Then last week, an e-mail-aware worm called SoBig.F plowed through the Internet, rapidly becoming the fastest-spreading virus of all time and generating millions of viral e-mail messages. Companies found their e-mail systems grinding to a halt, while some home users received up to 6,000 infected messages in their inbox.

Last week, the New York Times temporarily shut down its computer systems, reportedly because of a viral threat.

Who are the people behind this computerized chaos?

The names of well-known virus authors such as the Black Baron, Dark Avenger and Nowhere Man _ who were famous in the '90s _ may strike fear into the hearts of some computer users, but who is behind the SoBig, Blaster and Nachi viruses that have been harassing computer users for the last couple of weeks? Are they evil purple-haired geniuses cackling maniacally in their back bedrooms, Die Hard-style European cyberterrorists set on global domination?

The truth is rather more mundane.

First, it is remarkably easy to write a virus _ certainly not the preserve of a genius. Jan de Wit, the kid from the Netherlands who wrote the Anna Kournikova worm, claimed to have no detailed computer skill and simply downloaded a virus construction kit off a South American Web site. In the blink of an eye he had created a virus that lured users to double-click by using pictures of the tennis temptress.

Virus writers are not a homogeneous group. There isn't really an "average" virus writer. However, there are certain characteristics that seem to hold true for most of them. The vast majority appear to be male and between 14 and 26 years old. Girls don't seem to be very interested in writing and spreading malicious code.

Virus writers also choose "handles," or pseudonyms. These not only provide anonymity but allow the virus writers to create a fantasy persona that may help them escape their humdrum daily existence. The attraction is similar to that which draws young males to watch the World Wresting Federation on TV. One wonders how mature an individual who wants a handle like "Stormbringer" or "Colostomy BagBoy" can be.

Most virus writers seem to "retire" when they reach their mid-20s or before. They go to university, discover girls and stop writing viruses.

Unfortunately, there is a steady stream of adolescent males eager to replace them. That's not to say that all virus writers fit within this age group. David L. Smith, author of the infamous Melissa virus, which caused $80-million worth of damage, was 30 years old when caught by the FBI in New Jersey in 1999.

The freedom of the Internet has allowed virus-related Web sites to spring up around the globe. If you know where to look on the Web, it can take less than 10 minutes to find more than 10,000 viruses on sites run by and for the computer underground. Virus writers have their own chat rooms, where they exchange information about viruses and educate "wannabe" virus writers. Some virus writers have even been known to create informal gangs such as YAM (Youth Against McAfee), 29A, ARCV (Association for Really Cruel Virus Writers) and the Beta Boys.

Yet if the virus writer of, say, SoBig was caught, would that be the end of the problem? Sadly, no. Like the evils inside Pandora's box, once viruses are released, they cannot be put back. Even if the virus writer was dangling in a prison cell above shark-infested custard, his crime would continue as his virus carried on infecting computers.

Of course, we should find and prosecute these cybervillains. But the best way users can protect themselves is by installing up-to-date antivirus software and keeping a keen eye out for the latest security issues and patches.

And let's not forget the importance of teaching children to use computers ethically and responsibly. Writing viruses simply isn't "cool"; it's stupid and pointless. Kids shouldn't be wasting their time doing something so destructive when they could be using their talents to create something positive.

Graham Cluley is a senior consultant at an anti-virus firm.

Special to the Los Angeles Times