Virus, worm infect e-mail accounts

MS Blaster, Sobig.f impact electronic message delivery on campus, affect hosts worldwide

By Rogelio Morales

Monday, August 25, 2003

Elvira Cortez, a fourth-year political science student, sat helplessly in front of her computer. For 30 minutes, she vainly tried to access her MyUCLA Web site, but to no avail.

Unknown to her, the culprit, which infected over 187,000 hosts worldwide last week, had reached UCLA.

The MS Blaster worm and SoBig.F virus raised concerns last week, prompting campus departments to update their anti-virus scanners and implement emergency measures to delete infected e-mails

These had a “severe impact on Campus exchange servers and (impacted) campus e-mail delivery,” and caused significant interference for computer users, according to a campus bulletin released on Aug. 19. by the university.

The worms targeted computers equipped with popular Windows operating systems.

Despite the interference the Internet attacks caused, some people expressed confidence in the university’s established protections to deal with computer worms and viruses.

“The university was prepared for the worms, and they did not cause major damage,” said Eric Splaver, director of college information services, the department responsible for maintaining the popular MyUCLA Web site.

“Our system automatically downloads any necessary patches from the Microsoft Web site,” he said.

This ongoing function allows the university to minimize the potentially adverse effects a worm or virus could have on the system.

Though the worms were primarily responsible for last week’s Internet interference, Splaver said, they were also not the only reason for the difficulties.

But some areas of campus were not so lucky. UCLA Student Media’s e-mail network was inundated with multiple e-mail barrages, which clogged up accounts and left some unable to send or receive messages.

Students who experienced computer troubles sought help on campus during the outbreak.

Michiaki Kono, a third-year cognitive science student and a computer technician at the Student Technology Center, said he saw a surge of computer-related inquiries during the past week.

“The computer usually needs to be reformatted if it has been infected,” Kono said.

Computer worms, unlike viruses, do not need “carriers,” such as discs, downloadable programs or e-mails.

Being connected to the Internet, for example, makes one vulnerable to contracting the harmful program.

A tell-tale sign that a computer had been corrupted by the MS Blaster worm is the computer restarting itself every 60 seconds without user input.

The SoBig.F virus is contracted when users click on attachments to e-mails carrying subject lines such as “Details,” “Approved” and “Thank you!”

Some see the threats as becoming more sophisticated.

“More recently, we are seeing blended threats which are programs that include hybrid worm and virus mechanisms, as well as other code and exploits,” said Information Technology Security Coordinator John DeGolyer.

Laws have been passed to punish Internet crime.

Section 502 of the California Penal Code stipulates that creators and disseminators of computer infections such as MS Blaster and SoBig.F can face stiff fines and lengthy prison terms.

Last week’s outbreak is not the first time UCLA students have dealt with computer infections.

Shortly after the Sept. 11, 2001 terrorist attacks, an e-mail containing a computer virus resulted in several deleted student files and corrupted computer programs.

Free anti-virus software is available to all students from any computer until October 2007 on the UCLA Academic Technology Web site.

Information Technology officials recommend that members of the UCLA community who suspect their computers have been compromised by either the MS Blaster or SoBig.F worm log on to the Microsoft Web site for software patches.

With reports from Daily Bruin wire services. To download free anti-virus software provided by UCLA, log on to www.ats.ucla.edu.