Computer Industry Fights 'Virus' Spread
PITTSBURGH — FAR away from the bright lights and wholesome image of the computer industry, electronic vandals are at work. They wreak havoc. They prey on the unsuspecting. Even their names sound chilling - names like Dark Avenger and Disk Killer.These vandals aren't people. They're computer programs or "viruses" designed to infect and control a computer. Virtually unknown five years ago, viruses are rapidly emerging as a key threat to the information age. "We don't yet understand how to protect ourselves from the abuses of the technology," says Eric Roberts, president of Computer Professionals for Social Responsibility, a public-interest organization. Because viruses are so new, the scope of the problem is hard to define. No one knows how much economic damage they cause. Virus experts can't even agree on whether there are 300 viruses or 1,000. One thing they do agree on: the problem is growing. In 1986, there were four known viruses, according to the National Computer Security Association (NCSA). This year, two or three new ones have appeared every week. "It's for sure headed up - real steeply," says Bob Bales, executive director of the NCSA. If something isn't done, the number of viruses could triple by the end of 1992, he says. Some computer users are more at risk than others, says Raymond Glath, president of RG Software Systems Inc., an antivirus firm in Scottsdale, Ariz. These include corporations with worldwide operations, businesses with networked computers, and individuals who trade diskettes with friends. Viruses have corrupted data, nearly putting some small firms out of business, says John McAfee, president of McAfee Associates in Santa Clara, Calif., one of the original antivirus companies. Large corporations are also targets. In March, Cleveland-based Certus International completed a survey of 2,500 large US companies. It found half the sites had been infected. What is more important, the rate of infection had increased dramatically. Only 3.3 percent of the surveyed companies had an infection before 1989; 19 percent of the corporations got infected in the first half of 1990 alone. Electronic viruses attach themselves to legitimate computer programs and reproduce. Unsuspecting users spread the virus when they download an infected program to another computer or pass on an infected diskette. Some viruses are political. The "Bloody!" virus displays the word "Bloody!" on the anniversary of the Tienanmen Square massacre. Others are whimsical, displaying ambulances or making letters fall from the top of the screen. Still others are outright destructive. The "dBase" virus can change numbers in files of the popular dBase program. Even if they're not intended to cause damage, many of these programs are so poorly written and bug-ridden that they destroy data anyway, virus experts say. Their authors are computer hackers. "A lot of the virus writers are between the ages of 13 and 45," says Scott Chasin, a former hacker and now computer security consultant with a three-month-old Houston company called Comsec Data Security Inc. "There's a lot to do with egos among virus writers. For their virus to be nationally known, that's great! Tha t's motivation to write another one." Curiously, the world's leading source of computer viruses may be Bulgaria. The NCSA, which counts 76 viruses that originated there, says it's the result of one or two prolific virus writers. Joe Wells, a virus specialist at Certus, suggests that Bulgarian programmers got bootlegged IBM personal computers in the early 1980s but no manuals. So they broke down the code and became very proficient at manipulating it. One of the earliest Bulgarian viruses, Yankee Doodle, taunted the then-ruling Communists. Every day at 5 p.m., infected computers would play Yankee Doodle on their speakers. Several anti-virus companies, including well-known Symantec and Central Point Software, have come out with anti-virus products within the past few years. These companies say that computer users are becoming aware of the problem and that security procedures will contain the problem. But they won't eliminate it.