What the press is trying very hard not to tell you.
What's to be done with Microsoft
The ILOVEYOU worm spread through company e-mail systems more rapidly than
any other virus or worm because it chose to re-mail itself more agressively.
No anti-virus program stopped it because it was new and did not contain any
known "signiture" patterns. It was not stopped by any firewall because it
could not be told apart from legitimate e-mail.
Total cost to stop this bug is going to be very high because it hit so many companies so hard. Some had to take their e-mail servers off line for more than a day resulting in severe interruption of business. Of course the lightly disguised "me too" follow-ons caught some too (at least one major company e-mailed an appology for sending ILOVEYOU that was infected with a "me too").
Especially severe damage was suffered by all those collections of porno pictures that somehow mysteriously gather on desktop PCs even though no one has ever downloaded anything of that sort. Porn is mostly in .jpg format and the worm deleted .jpg files and MP3 (music files).
Press reports, especially those in the computer press, have carefully avoided several important points. If they made any mention at all of Microsft it was a couple of lines burried deep down in the article. This points out the inordinate influence Microsoft still holds over editors and columnists - the truth is out there, just not in the press.
Microsoft, as always, takes the position that "A site adhering to good security practices has nothing to fear". I suppose that's why Microsoft has to shut down their own e-mail system every time something like this happens.
Microsoft will, as they have clearly stated, make no security improvements, because the tight integration that makes worms like this possible specifically locks out competitors. Also, even well designed security causes some inconvenience, and that goes against Microsoft's "user friendly" marketing goals.
Appologists for Microsoft harp on two points:
The first points is obviously just stupid. Microsoft aims their software specifically at "dumb users who don't know better" and discourages them from learning much about computers. As such, its "dumb user" software should at least attempt to protect the user. It does not.
The second point is just as stupid but less obvious to most people. No other system can be attacked this way because no other system has the tight integration and total lack of security. No other system would allow an email attachment to be run, and especially not run in privileged mode, able to affect system files and system directories. Only Microsoft products allow this.
Will attacks like this happen again? Yes, and more and more often. As defenses get a bit better, the attacks will be better written. As I have pointed out, ILOVEYOU was noteworthy for poor quality and lack of sophistication. Future versions could be far more destructive and far more difficult to stop.
For more on viuses, worms and trojans, see our article Virus & Other Invaders.
- Automation Access
Velocity Networks: Network Consulting Service - Internet Service Provider - Web Page Design and Hosting
All trademarks and trade names are recognized as property of their owners