Thursday, March 28, 2024


UCLA weathers e-mail worm storm

By Jeyling Chou

Feb. 2, 2004 9:00 p.m.

Along with the sneezing and wheezing, this year’s flu
season has also brought with it a particularly virulent attack on
our wired and electronic counterparts.

The Mydoom e-mail worm, which first reared its ugly head on
Monday, Jan. 26, has infiltrated the unsuspecting systems of
hundreds of thousands of machines around the world. At the height
of its spread last week, the worm was responsible for one in every
12 e-mails sent worldwide.

On Feb. 1, Mydoom claimed its first intended victim.

The Web site of SCO Group, Inc. was disabled by an overload of
simultaneous requests for information from infected computers: a
distributed denial of service attack. Today, Microsoft Corporation
is the suspected next target.

Both companies have offered a reward of $250,000 for the author
of the virus.

Despite Mydoom’s seemingly frightening electronic feats,
there have been more destructive cases in the history of computer
worms and viruses.

“I would say Mydoom is more of an annoyance than a
problem,” said Peter Reiher, a UCLA computer science
professor.

“Other worms had faster spread and brought down more
services. Today we have a better idea of how to deal with
it.”

Last week, these annoying electronic infestations were addressed
by the federal government.

The National Cyber Security Division of the United States
Department of Homeland Security launched the first National Cyber
Alert System in order to provide computer users with timely
information on how to secure their PCs and networks.

This new, centralized system will provide bulletins and alerts
on hacking, viruses, worms and other forms of cyberterrorism
targeted at both technical and non-technical audiences.

The UCLA campus also has a centralized system for protecting
network security from invading worms and viruses among the various
academic departments.

Bruin OnLine scans all incoming and outgoing e-mail from BOL
e-mail addresses. If a virus is detected, the infected e-mail
message is automatically quarantined and replaced with a Virus
Notification e-mail from [email protected].

Through a license with the network security company Sophos, UCLA
also offers downloadable anti-virus software free of charge to all
students and faculty.

The security of the entire campus network, however, depends on
the measures that students and faculty take to secure their
individual PCs.

“Ultimately it all comes down to how well your individual
computer is protected,” Degolyer said.

“We can put up all the security in the world but if your
personal computer is not protected, that’s not going to do
you much good.”

Network security through the screening of e-mails is also
handled within the individual academic departments by an on-site
support staff.

“If you have a network connection to campus, you need to
have somebody that acts as a liaison between campus networking and
your department so when things like (Mydoom) happen, there’s
always a point of contact,” said Stephen Sakamoto, network
manager for the Department of Computer Science.

UCLA’s Social Sciences Computing, which provides network
security for many departments and centers under the social sciences
umbrella, has already screened out 40,000 e-mails infected with
Mydoom.

Despite the careful screening, a few capricious worms still
manage to slip through and corrupt a particular machine on the
department network.

“Some professors don’t use the social science e-mail
account; they use something like Hotmail,” said Mike Lee,
manager of user services for SSC.

“If that’s the case, we have a consultant to go
on-site to clear it out so it doesn’t propagate to other
people,” he said.

Security staff members like Lee are constantly monitoring
department computer traffic to pinpoint an infected machine.

“If there’s a spike in network traffic from a
machine on the network, you can identify exactly which machine
it’s coming from and what room it’s in,” Lee
said.

Despite the efforts put into securing networks, viruses and
worms have always found a way to evolve new and creative twists
and turns.

Viruses like Mydoom often utilize what is known in hacker terms
as “social engineering” to convince the user to click
on that link or attachment which will set the virus loose.

For example, an e-mail virus may have a subject line crafted to
arouse curiosity or appear professional, such as “Re: Your
application” or “Thank You!.”

“With today’s single-user machines, if you click on
that link, the code has access to everything you have access
to,” Reiher said.

These malicious pieces of code have been tangling the wired
community since the ’80s. Yet the motive behind each one
often remains ambiguous.

“In most cases, we never catch up with the person who did
it,” Reiher said. “Most of the time it’s some guy
who thought it was a neat idea, wants to see if he can do it, and
then does it.”

Viruses and worms have often been used to forward a political
agenda or profit-making enterprise, such as the sending of spam
e-mail.

Virus writers have demanded ransom payment from companies to
prevent the launch of a denial of service attack, Reiher said.

In the case of Mydoom, analysts suspect the author specifically
targeted SCO because of the company’s billion dollar lawsuit
against IBM, accusing the company of using SCO-owned code in the
Linux operating system.

Infuriated Linux users protested this accusation over an
operating system code that is meant to be free to everyone.

“I’m never surprised when one of these things comes
out because it’s very easy to do,” Reiher said.

The rise of the electronic and cyberspace world is inevitably
paired with mischievous mechanisms that will attempt to shatter
it.

“There’s a set of overall rules that govern how you
drive, but ultimately it really boils down to each driver driving
safely and following the laws to really make things secure,”
Degolyer said.

UCLA students and faculty can download free anti-virus
software at www.ats.ucla.edu. Microsoft Windows users should
regularly download updated security patches at
windowsupdate.microsoft.com.
