Love bug only the tip of virus iceberg
By Jim Wolf
Washington - Technical experts warned the United States congress on Wednesday that little could be done to prevent the outbreak of even worse computer viruses than the "love bug" that wreaked havoc on the Internet last week.
In testimony prepared for the House Science Subcommittee on Technology, several referred to it as a wake-up call to the growing threat from "hackers" and others to sensitive data stored on hard drives.
The General Accounting Office (GAO), the investigative and audit arm of congress, said the United States government was poorly organised to respond.
"Our audits continue to find that most (federal) agencies continue to lack the basic management framework to effectively detect, protect against and recover from these attacks," said Keith Rhodes, technical director for the chief GAO scientist.
Variants of the "love bug" already circulating by email left scant doubt that the next big software scourges would "propagate faster, do more damage and be more difficult to encounter", he testified.
Computer Economics, a Carlsbad, California-based research company, estimated on Tuesday that the "love bug" and copycats had caused $6,7-billion (about R47-billion) in damages since they began spreading as an email attachment in Asia late on May 3.
The virus or "worm" forced many businesses and government agencies - from the Pentagon to Britain's parliament to major companies like Ford and Lucent - to take down computer networks for protection and repair.
"We still do not know the full effect of this virus on the agencies that were penetrated," Rhodes said. He cited reports that at least 14 United States federal bureaucracies were hit, including the CIA, National Aeronautics and Space Administration and department of energy.
In its original format, the virus spread as a message containing "ILOVEYOU" in its subject line. It arrived with an attachment that, if double-clicked, automatically sent copies of itself to everyone in the address book of Microsoft Outlook, a software programme.
The "love bug" also deleted pictures, video and music files and installed a password-stealing programme, Rhodes testified. Internet accounts set up to collect this information in the Philippines, the focus of an ongoing criminal probe, were reportedly disabled on Friday.
Harris Miller, president of the Information Technology Association of America, a trade group that claims 26 000 direct and affiliate members, said the "love bug" can be seen "as an evolutionary link in the hacking chain".
"If not addressed in a concerted way, this problem could grow to undermine the global information infrastructure and, ultimately, the Internet economy," he said.
"Consumers will lose confidence in this way of doing business, companies will lose the competitive advantages it creates, investors will seek opportunities elsewhere," Miller said.
Sandra England of McAfee, a Santa Clara, California, anti-virus software-making unit of Network Associates, urged the federal government to step up anti-software piracy efforts and boost research and development.
But Peter Tippett, chief scientist at Icsa.net, a Reston, Virginia firm that tests computer security products, advised lawmakers to avoid the temptation to write any new laws affecting the Internet.
Broadening the FBI's jurisdiction is a bad idea, he testified. The key is to be able to recognise a problem and recover from it.
"It's not a question of if something bad will happen, but when," he said. - Reuters