Computer Industry Braces for Virus Hit
PITTSBURGH — TOMORROW the computer industry finds out whether Michelangelo the virus is as destructive as Michelangelo the artist was creative.
Friday - the artist's birthday - is the trigger date for one of the fastest-spreading computer viruses ever found. Discovered only last April in the Netherlands and Sweden, Michelangelo has infected computers around the world.
"It spreads very quickly, very widely, and is very damaging," says Steven Winegar, marketing director of utilities products at Microcom Inc. The company, headquartered in Norwood, Mass., sells an antivirus product called Virex.
"It seems to be blanketing many computers out there," adds Michael Alexander, senior editor of advanced technology at Computerworld magazine. Some market researchers believe Michelangelo already accounts for 15 percent of all virus infections.
Computer viruses are software programs intentionally designed to insinuate themselves into computers and control them. Sometimes they are innocuous. One of the earliest viruses, "Stoned," displays the message: "Your PC is now stoned!"
Michelangelo, which has elements of the Stoned virus, is much more destructive. It resides in the computer's boot sector - the area of a floppy drive or hard disk that contains the information a computer needs to "boot up" or start. Users who boot their machines with an infected floppy disk cause the virus to spread to the hard disk.
On March 6, Michelangelo is scheduled to reformat the disks of all its infected computers, erasing their data. Worse, it will then overwrite the disk with random characters. This makes the original data all but impossible to recover.
"I think this is terrorism in the information age," says Jim Flach, vice president and general manager of Intel's personal-computer enhancement division. Intel, in Santa Clara, Calif., is one of several companies that have unwittingly shipped products infected with Michelangelo in recent months.
The virus itself is not technically remarkable. It is less virulent than some other viruses, such as Dark Avenger and Disk Killer, Computerworld's Mr. Alexander says. It is easier to detect than a new class of "Stealth" viruses that hide from detection software. No one is sure how or why Michelangelo spread as quickly as it did.
In December, Leading Edge Products Inc. of Westborough, Mass., inadvertently shipped 500 of its computers infected with Michelangelo. The company blames a third-party supplier for the infection. In February, Da Vinci Systems Corporation of Raleigh, N.C., announced it had sent out some 900 disks of its electronic-mail software infected with the virus. And on Monday, Intel announced it had distributed 839 disks of its LANSpool 3.01 network software infected with the virus.
In each case, Michelangelo managed to elude the company's virus-scanning procedures because they were using out-of-date detection software. Each company has gone to some lengths to repair the potential damage - contacting customers and offering free antivirus software.
"A lot of people got blindsided by this one," says Mr. Flach of Intel. The key lesson of the episode is that companies must use the absolute latest versions of antivirus software to keep up with the virus problem, he says. Unlike other software vendors, antivirus companies release new versions of their product every few months to keep up with the growing number of viruses.
The threat is expanding exponentially. In 1986, there were four viruses, according to the National Computer Security Association. By 1991, as many as six new strains were appearing every day!
While Michelangelo has gotten the lion's share of the publicity, several other viruses are expected to trigger this week, including Exterminator, Alabama, Frere Jacques, and several strains of Jerusalem, which trigger every Friday the 13th.
The publicity surrounding Michelangelo is a boon to the young antivirus industry. "The question is whether it will indeed have a long-term effect," says Microcom's Mr. Winegar. Virus experts hope that the publicity will cause more users to become aware of the problem and take measures to protect themselves.