Viruses Seen Spreading to New Hosts
Updated 4:41 p.m. ET (2041 GMT) April 12, 2000
As computers are integrated into every aspect of our lives, the risks that come with being wired increase � and that could mean for the first time that "computer viruses" can now be fatal to human beings.
Manufacturers are starting to equip a range of products from cars to refrigerators with programmable computer chips and Internet access � and since everything that's connected can become infected, the new world of computing will hold invisible threats.
"There is a trend toward ever more interconnected things, and that's a concern � people in these industries will have to go through the same learning curve that they did with personal computers," said Shawn Hernan, a team leader at CERT Computer Emergency Response Center, a Defense Department-funded computer security project at Carnegie Mellon University.
The impact of malicious code writers on computers is well known. In one of the most brazen "denial-of-service" attacks earlier this year, hackers bombarded Yahoo, Amazon.com and others with millions of messages that brought down their services.
Bringing Web searches and book orders to a screeching halt might not have brought Western civilization to a standstill. So what if a few finger-twitching Webheads had to go to a bookstore or read a newspaper? But what if the attacks caused home heating systems to fail or burglar alarms to ring? Or, worse yet, if they were aimed at "911" switchboards?
FBI Takes '911 Bug' Seriously
It is too late to worry about what might happen and time to start preventing these types of viruses from spreading, according to the FBI, who has made computer security a top priority since leading Web sites came under cyber-attack in February.
In fact, the FBI issued search warrants Monday after "zombie" computer attacks took place at isolated "911" emergency switchboards in Texas and Florida. No arrests have yet been made.
The National Infrastructure Protection Center, the "cyber crime" arm of the FBI said the self-propagating virus spreads by attacking computers with Windows operating systems set up to allow users to share files over the Internet. It then erases hard drives, causes infected computers to dial "911" emergency telephone numbers and leave the line open.
FBI spokesperson Debbie Weierman said the NIPC's investigation is continuing and is looking at the "scope of the damage and what effects this particular virus has possibly caused."
"A call of this nature could potentially cause local emergency personnel to respond to false '911' calls," the agency said in a statement. It said local '911' services in Houston had not detected a "significant increase" in the number of such calls; but should emergency personnel get tied up chasing false calls, it would take longer to respond to actual emergencies, making this the first truly lethal "computer" virus.
A Low-Risk Threat
Computer security firm Symantec Corp. researcher Vincent Weafer however called the "911 bug" a relatively "low-risk event," since it required a special set of conditions to be activated. It was "relatively rare � and not very robust."
But if the present generation of intrusion is not so frightening, the history of such invasions is that each wave carries a stronger bite. And once the potency is increased, the attackers will have a wide array of easily available software tools to spread the damage.
In the case of the 911 bug, a simple program made it possible for the "zombie" computer to dial thousands of numbers without any knowledge on the part of the computer's owner. The threat of widespread attacks that move beyond the computer is "something that we are all looking at in the computer security field," said Symantec's Weafer.
International Business Machines Corp. (IBM.N) is placing a high priority on the threat of viral outbreaks in the new world of "ubiquitous computing," said IBM researcher David Chess. The researchers worry not only about the growing number of places that need to be protected, but also about the speed with which attacks take place.
"There is a danger in the sense that there are more niches where nasty things can spread faster," said Chess. "These outbreaks used to take place over a period of months, or days. Now it just takes a few hours."
IBM's team is studying ways to immunize entire networks against attack with software "modeled after biological systems." A growing number of programmable devices will require that computer security systems work with such sophistication, with the ability to track down intrusions over networks and apply antidotes in real-time.
Places to Hide
"There are thousands of places where malicious code can come in," said Sal Viveros, computer virus products marketing manager at Network Associates Inc. "As more devices become Internet-aware, from Web TV's, to refrigerators to palm computers, they add more functionality. And once they become programmable they can carry malicious code."
Since more portals are opening all the time, Viveros said, computer intrusion experts are concentrating on protecting the infrastructure � the Internet service providers and networks used to carry the invasions.
"Interdependence of global infrastructures is a fairly serious concern," said CERT's Hernan. "The potential is fairly significant. You could imagine someone writing a robot piece of code that could spread fairly quickly dialing 911 or otherwise impact things outside the Internet."
IBM's Chess said "it's not a doomed world yet," since the devices are only now being built and many manufacturers learned their lessons when the outbreaks hit personal computer. CERT's Hernan said that security experts need to make a concerted effort to educate manufacturers about potential dangers when they make their new products programmable.
"We got all these things under development for controlling home devices, things that turn on the lights, turn temperature up and down, start the coffee maker boiling," said Hernan. "There is potential for abuse when they're connected, and manufacturers have to be aware of that."
http://www.foxnews.com/vtech/041200/viruses.sml
-- Martin Thompson (mthom1927@aol.com), April 12, 2000