'Melissa' May Have Built a False Sense of Security

By Annika K. Martin Thursday, May 04, 2000
  • Share
  • Read Later
Don't open that love letter! ILOVEYOU, a computer virus spread by e-mail messages, has been wreaking havoc in Asian, European and American companies since early Thursday morning. Although its effects are expected to be short-lived, the virus is raising questions about the effectiveness of so-called "firewalls" and other security devices that are set up to protect the world's corporations from such an invasion. Appearing in Hong Kong Thursday afternoon local time, ILOVEYOU began spreading at the fastest rate of any virus to date. Its speediness results from its ability to trigger the recipient's e-mail program to send a copy of itself to everyone listed in the program's address book. This means a copy of the virus is quickly dispatched to listservs, client lists and internal mailing lists, enabling it to leap city, country and continent borders at incredible speed.

It was also helped on its way by being written to target the ubiquitous Microsoft Outlook e-mail client. "Software standardization is a fertile breeding ground for viruses," said Lev Grossman of TIME Digital. "Writing a virus for one e-mail client can affect every company using that client." Once the virus has established itself on a host computer, it quickly destroys all music and image files and disables the e-mail system, causing irreparable damage at some companies. One European magazine lost its entire picture archive for the past two years. Other companies have had servers crash and data destroyed.

Computer security experts believe the virus will be under control by Monday, but ILOVEYOU has already caused more damage than last year's Melissa virus, which spurred many companies to invest in costly and complex computer security measures. The fact that ILOVEYOU was seemingly unaffected by most companies' front-line defenses should serve as a wake-up call to businesses that in the ever-mutating world of computer viruses, security software must constantly be updated with the latest technology. "Companies that receive daily updates of good anti-virus software could nip this thing in the bud," Grossman says. Of course, the best defense, he adds, is informed users who know not to open strange attachments or unsolicited love letters from their colleagues.