Computer virus unleashed against IT company
Date: January 28, 2004
Source: The World Today
HAMISH ROBERTSON: Computer experts are claiming that a new computer virus is only one step away from cyber terrorism.
The Norvag virus, currently sweeping the globe, is causing massive disruptions to computer systems and frustration for those whose machines have been affected.
Where the Norvag virus, or worm as it's technically known, differs from other computer viruses, is that it was created by hackers to attack a company embroiled in a legal battle over the rights to a popular free operating system.
Analysts say the attack on the company is as close as it gets to hackers trying to bring down a major institution through a computer-borne assault.
Hamish Fitzsimmons reports.
HAMISH FITZSIMMONS: If you get an email with the subject line 'Hello', 'Mail Delivery System' or 'Mail Transaction Failed' don't open it. It may very well be the latest computer virus which is causing major headaches for individuals and corporations alike.
The Norvag or Mydoom worm comes as an attachment on an email. It was apparently launched by disgruntled users of open source code operating systems against a company in the United States which claims it owns the rights to parts of the popular Linux operating system.
John Donovan is the Managing Director of an anti-virus software company, Symantec Australia. He says the virus is more widespread than it probably should be, given it relies on people actually opening the infected email.
JOHN DONOVAN: The malicious code resides in the attachment, so it doesn't matter if you're using Outlook or Notes or any other mail system, if you double click on that attachment, that's what's going to infect your system.
HAMISH FITZSIMMONS: That's unusual, isn't it, usually these things are aimed at Microsoft users?
JOHN DONOVAN: Well, sometimes they go after holes or vulnerabilities in Microsoft's operating system, but as I said it's not a particularly complex virus. It's a mass mailing worm, which means that it's going to go out and try and infect as many people through their mail systems as possible.
But the malicious nature of this, there's two parts to the malicious code. Number one is the opening up of the communications port, which will allow a remote hacker to take control of your system, and part two is what we call a "denial of service" attack, and this is kind of interesting. The virus itself is programmed to get all of the infected systems that it has around the globe together and launch what's called a denial of service attack on a company called SCO, Santa Cruise Operation. The issue being that SCO has some cases before the court at the moment, where they claim ownership of portions to the Unix operating system. That's upset a lot of the IT community and particularly some of the hackers, so their payback is to launch this denial of service attack, which is aiming at bringing down that company's website. So quite unusual from that perspective.
HAMISH FITZSIMMONS: So it is, as has been said, a case of cyber terrorism?
JOHN DONOVAN: Well, I think that's taking it a couple of steps beyond where it is. It is an example of a special interest group motivated attack, or politically-motivated attack. It does, unfortunately, illustrate the power of these sorts of worms or viruses, and there's only a couple of short steps between what this one does to someone aiming at taking down a particular company or government institution, or potentially aiming at critical infrastructure. It's not difficult to do that, unfortunately.
HAMISH ROBERTSON: That was John Donovan from the anti-computer virus company Symantec speaking to Hamish Fitzsimmons.
^macro[showdigestcomments;^uri;Computer virus unleashed against IT company]