You are here: Articles --> 1999 --> Good times, bad times

Vous êtes ici : Essais --> 1999 --> Good times, bad times

Good times, bad times

by Geoff Hart

Previously published, in a different form, as: Hart, G.J. 1999. Good times overshadowed by Melissa. Computerworld Canada, Dec. 17:17.

Over the past few years, most network managers have received at least one panicked message warning of something called the “Good Times” virus. Dozens of variants of this hoax have emerged from the depths of cyberspace, but all said essentially the same thing: in a nutshell, this virus ostensibly arrives as an e-mail message with the subject line “Good times!” and reformats (or somehow “destroys”) the recipient’s hard drive as soon as it’s read, destroying all information and software. AOL is usually cited as the authority that “officially announced” they’d discovered the threat.

The notion that something as innocent as an e-mail message, which contains no executable code, could damage a hard drive was, of course, nonsense. Ironically enough, the massive forwarding of the warning message by well-meaning users and the fear and anxiety inspired by the message probably did more damage than most real viruses ever do. So for the past few years, you’ve told your computer users not to worry, warned them not to forward warning messages, and turned your attention to bigger problems—until “Melissa” changed all the rules.

The first “macro viruses” attached to Microsoft Word documents emerged within weeks after Office 97 was released, and sounded the warning that a new era was upon us. The developers of antivirus software responded immediately, and things more or less stabilized again—until Microsoft released their most recent version of the Outlook Express e-mail client. Outlook can now run certain macros in the form of Visual Basic for Applications (VBA) code attached to e-mail messages; it can also be controlled remotely and invisibly by macros run from within other Office software such as Word. Despite dire warnings of the vulnerabilities this created, Microsoft didn’t fix the problem, and in one of those rare but immensely satisfying instances of poetic justice, Melissa hit Microsoft as hard as it hit many other companies that use Outlook.

Fortunately, Melissa was a relatively benign Word macro virus; all it did was instruct Outlook to transmit copies of the virus to blocks of 50 or so recipients, each of whom then forwarded the virus to 50 more recipients. Innocent enough on the face of it, but this automated spamming crippled many corporate e-mail systems and required hours of work by MIS staff to set things right again. Some companies even shut down their external e-mail for days at a time. So the Good Times virus is no longer a hoax: e-mail viruses are a real threat, and one that may become much more serious over the next year. For the first time, what you read truly can hurt you.

You have three lines of defence. First, update your antivirus software regularly with new virus descriptions from the vendor’s Web site. Second, learn enough VBA that you can examine new macro viruses, figure out what they do, and start solving the problem yourself; if not, the timelag can be days or weeks before antivirus companies receive the virus and develop a cure. Third—and most important—explain the problem to staff so they can take appropriate precautions, such as running antivirus software before opening e-mail attachments, consulting you before running any software they download from the Web, and watching for suspicious behavior by their software. Just as a vigorous immune system can ward off biological viruses, informed and active computer users are your best defence against computer viruses. Without the aid of your user community, it’s only a matter of time before a truly destructive virus sneaks past your guard and wreaks havoc.

In the meantime, several credible sources of virus (and security) information can provide support and advance warning:

• The Computer Emergency Response Team (CERT): http://www.cert.org/
• The International Computer Security Association (ICSA): http://www.icsa.net/services/
• Woody’s Office Watch: http://www.wopr.com/wwinfo/viri.htm (also an excellent resource for companies that use Microsoft Office)
• Computer Virus Myths home page: http://www.vmyths.com/

©2004–2024 Geoffrey Hart. All rights reserved.