We are currently under attack…. was the message sent sent out across the US by a beseiged computer scientist at the University of California at Berkeley in the early hours of Thursday morning, November 3 (CI No 1,052). The assailant was a computer virus that caused the most extensive penetration of computer systems yet known by this type of intrusion. Upwards of 6,000 computers – mainly DEC VAXes and Sun Microsystems workstations running Berkeley Unix were immobilised from late Wednesday evening and onwards by a self-reproducing program which choked up memory banks, panicking US military bases, corporations and universities across the country. A full scale review of computer security in the US is expected as a result, and a post mortem conference was held in Washington last week. The virus is thought to have been transmitted by 23-year-old Cornell University graduate Robert Morris, son of a well-known US computer security scientist, ironically alleged to be one of the original creators of viruses back in the 1960s as a harmless game dreamed up at AT&T Bell Laboratories. The group kept quiet about its little game until 1983, when one of them revealed the secrets in a speech. The virus is believed to have been fed into the Internet communications network via Arpanet at Massachusetts Institute of Technology.
A fortune in man-hours The virus was intended to travel slowly and secretly through networks, spreading by means of a back door left in the Berkeley Unix electronic mail installation program, which is intended to be erased after installation, but seldom is. A bug in the virus program made it replicate many times faster than intended and by the time a remedy was sent out the lines of communication were far too loaded for it to be received – or had they had been disconnected from the network as a defence. Instead, technicians across the US spent a fortune in man-hours devising blocks and traps to counter the attack, and was thought to have been contained within 24 hours of its outbreak – a tentative estimate because the virus had a tenacious ability to recall itself over and over again even when a system appeared to have been successfully vaccinated against it. Although swamping the memory of its host system, there have been no reports of it destroying or damaging files in any way. There are no reports of the virus spreading through international networks, University College London being the European focal point of Arpanet, but in at least some cases UK systems administrators were warned not to open suspicious messages in the electronic mail. Do not think the worst has occurred, warns John McAfee of InterPath Corp, a California security firm, talking to USA Today. From all indications, within the next two years, there are viruses that will make this Arpanet thing look like child’s play. There are probably 100,000 people in the US who could have launched the attack you saw last week, added University of Cincinnati computer professor Fred Cohen. Before the Arpanet attack, perhaps the worst virus epidemic was the one that hit IBM’s 35,000 terminal worldwide network last Christmas. Users got a message asking them to type Christmas. When they did, they sent the virus on to every person on their electronic mailing lists.