Over the past few years, most network managers have received at least one panicked message warning of something called the “Good Times” virus.
Dozens of variants of this hoax have emerged from the depths of cyberspace, but all said essentially the same thing: in a nutshell, this virus ostensibly arrives as an e-mail message with the subject line “Good times!” and reformats (or somehow destroys) the recipient’s hard drive as soon as it’s read, destroying all information and software. AOL is usually cited as the authority that “officially announced” it had discovered the threat.
The notion that something as innocent as an e-mail message, which contains no executable code, could damage a hard drive was, of course, nonsense. Ironically enough, the massive forwarding of the warning message by well-meaning users and the fear and anxiety inspired by the message probably did more damage than most real viruses ever do. So for the past few years, you’ve told your computer users not to worry, warned them not to forward warning messages, and turned your attention to bigger problems – until Melissa changed all the rules.
The first “macro viruses” attached to Microsoft Word documents emerged within weeks after Office 97 was released, and sounded the warning that a new era was upon us. The developers of antivirus software responded immediately, and things more or less stabilized again – until Microsoft released their most recent version of the Outlook Express e-mail client.
Outlook can now run certain macros in the form of Visual Basic for Applications (VBA) code attached to e-mail messages; it can also be controlled remotely and invisibly by macros run from within other Office software such as Word. Despite dire warnings of the vulnerabilities this created, Microsoft didn’t fix the problem, and in one of those rare but immensely satisfying instances of poetic justice, Melissa hit Microsoft as hard as it hit many other companies that use Outlook.
Fortunately, Melissa was a relatively benign Word macro virus; all it did was instruct Outlook to transmit copies of the virus to blocks of 50 or so recipients, each of whom then forwarded the virus to 50 more recipients.
Innocent enough on the face of it, but this automated spamming crippled many corporate e-mail systems and required hours of work by MIS staff to set things right again. Some companies even shut down their external e-mail for days at a time. So the Good Times virus is no longer really a hoax: e-mail viruses are a real threat, and one that may become much more serious over the next year. For the first time, what you read truly can hurt you.
You have three lines of defence. First, update your antivirus software regularly with new virus descriptions from the vendor’s Web site. Second, learn enough VBA that you can examine new macro viruses, figure out what they do, and start solving the problem yourself; if not, the time lag can be days or weeks before antivirus companies receive the virus and develop a cure. Third – and most important – explain the problem to staff so they can take appropriate precautions, such as running antivirus software before opening e-mail attachments, consulting you before running any software they download from the Web, and watching for suspicious behaviour by their software. Just as a vigorous immune system can ward off biological viruses, informed and active computer users are your best defence against computer viruses. Without the aid of your user community, it’s only a matter of time before a truly destructive virus sneaks past your guard and wreaks havoc.
In the meantime, several credible sources of virus (and security) information can provide support and advance warning: the Computer Emergency Response Team (CERT): www.cert.org; the International Computer Security Association: www.icsa.net/services/consortia/anti-virus; the U.S. Department of Energy’s Computer Incident Advisory Capability: www.ciac.llnl.gov/ciac/CIACHome.html; Woody’s Office Watch: www.wopr.com/wwinfo/viri.htm (also an excellent resource for companies that use Microsoft Office); and the Computer Virus Myths home page: www.kumite.com/myths.
Hart ([email protected]) is a translator, technical writer, editor and a senior member of the Society for Technical Communication. He lives in Pointe-Claire, Que., where he works for a forestry research institute.