Computer `viruses' government
Boston — The National Aeronautics and Space Administration (NASA) is one of several government agencies hit by a computer ``virus,'' a program designed to sabotage computers, in the past few months. During the past year, virus programs have also infected computers in corporations, homes, and universities, and are causing computer users worldwide to be wary of unknown software.
And with good reason. Viruses can spread exponentially, mimicking biological contagion, and then disrupt infected systems.
The NASA case is just one typical example. According to spokesman Charles Redmond, a computer manager at the space agency brought a computer disc to work, not knowing that a program from an electronic bulletin board had infected his disc with the ``scores'' virus. Over the next five days in early March, the virus program spread through the network to about 70 Apple Macintosh computers. The damage was minimal because the virus was quickly detected and destroyed.
A more sophisticated viral attack might be ``devastating from a terrorism standpoint,'' says Harold J. Highland, editor in chief of Computers & Security. He mentions telephone and power utilities, air-traffic control systems or financial institutions, as well as government, as possible targets.
But professor Len Adleman at the University of Southern California, cautions against this hypothetical leap into the future. ``We still don't know to what extent we're vulnerable,'' he says.
The scores virus was not designed to attack the government, but to allegedly sabotage a corporation in Dallas, Texas. Yet it spread to the Environmental Protection Agency, and a few congressional offices, as well as NASA. This is one of several known viruses that have spread to thousands of personal computers in the US and abroad.
Spokesmen for government agencies say there was no permanent loss of data from the infected computers, but the incidents do highlight the vulnerability of computer systems.
Although defenses have been developed to control the damage in specific cases, ``no decent defense is in place today,'' says professor Fred Cohen of the University of Cincinnati, a leading expert on the problem.
``We've seen only the kindergarten viruses so far,'' says Mr. Highland. Virus's potential seen in Israel
The potential for terrorist use was seen in the so-called ``Jerusalem'' virus which spread through thousands of systems in Israel last fall, and in some systems in the United States. On May 13 all infected files were to be erased by a ``time bomb'' mechanism in the virus program.
It is suspected that this virus was planted by a Palestinian, because this day marked the 40th anniversary of Palestine's last day as a political entity.
The outbreak was discovered because of a glitch in the virus code that caused it to infect certain programs again and again, taking up an inordinate amount of computer memory. A student at Hebrew University discovered the infection on Dec. 30. There was ample time to develop an immunity program that prevented much of the potential damage. Digital hygiene
The rash of viral epidemics in the past year points to the need for better protection of computer systems in business and government, experts say. Many people are now leery of ``share-ware,'' public domain software available on computer bulletin boards.
Peter Denning, Director of NASA's Research Institute for Advanced Computer Science, calls for greater attention to ``digital hygiene.'' Several dozen ``immunity'' programs are now on the market, some of which check codes for signs of specific known viruses. But these programs can do little to stop unknown types of viruses, most experts say.
Other defenses involve monitoring changes in program length. A program infected with a virus would have a higher ``checksum,'' or total bits of code. The checksum method may be the most effective way to detect viruses, say some experts. But they note that ingenious ways can be devised to get around most defenses.
Bluntly put, the integrity of computer systems depends on the integrity of human beings. As Mr. Denning wrote in American Scientist, ``at the root of the problem are programmers performing disruptive acts under the cloak of anonymity conveniently provided by many computer systems.''
Creating and detecting effective viruses has expanded into a new realm of fascination challenge for computer security experts.
While some spend their hours devising ``vaccine'' programs, others are theorize about potentially benign uses for viruses, such as protecting software from piracy.
Some say the virus threat comes chiefly from people intrigued by the endless possibilities, such as a magazine publisher who's virus sent a ``universal message of world peace'' on May 2, to thousands of personal computers in North America and Europe.
But Harold Highland responds, ``This is not a gentlemanly game,'' referring to the possibility of malicious sabotage of corporations and government. Computer security for government
Some computer security experts, including Harold Highland, say that the federal government should be focusing more attention on the threat which computer viruses could pose to national security. But government agencies are not ignoring the issue.
``The National Security Agency [NSA] is showing a lot of interest in viruses and in companies that are doing virus research,'' says Philip McKinney of Thumbscan, a computer security firm in Oakbrook, Ill.
While the NSA safeguards classified information, the National Bureau of Standards is responsible for developing guidelines on computer security. All agencies, however, are responsible for setting their own computer security policies.
How a computer virus works
A computer virus is a program that spreads by secretly attaching copies of itself to other programs.
Viruses interfere with a computer's operations, often deleting or altering files. The damage is generally activated by a ``time bomb,'' which takes effect at a specific time on the computer's clock, or by a ``counter,'' which waits until the virus program has been passed on to a certain number of other programs.
Typically, the virus will infiltrate a computer's basic software that runs other programs. Thus any program that is executed may be exposed to the virus. A virus program can also spread through telephone connections between computers, including ``electronic bulletin boards.''