'I love you' can really hurt
Three words brought grief to millions of computer users around the world last month. The I Love You Virus, also known as the Love Bug and the Killer from Manila (the virus originated in the Philippines) is thought to have been received by 70 per cent of the PCs in Britain and infected millions of computers across the globe.
As viruses go, I Love You Virus was a nasty one. It arrived as a file attached to a short message telling recipients to check the attached love message. Simply reading the message caused no problems, but, clicking onto the attachment released the virus into the PC. Once set free, the ILY virus infected graphics and sound files such as JPEGs, GIFs and MP3 files. It also hijacked the Microsoft Outlook address book and sent itself to every email address listed. On a more sinister note, the ILY virus also looked for passwords and attempted to email them to a site presumably set up by its creator.
The ILY virus caused disruption to organisations such as BT and the House of Commons, which shut its email system, but the number of schools and educational organisations hit is hard to gauge. One educational IT company affected by the virus was RM, which operates the Internet for Learning service.
"We heard about the virus first thing in the morning and immediately took steps to stop it entering the IFL network," explains Tim Clark, RM's Internet marketing manager. "By the time we did that, we estimate about 100 schools had had the virus passed to them. We immediately made information available on our website and provided a link to the BBC news site, which was reporting on the virus."
RM's told schools to delete the file and asked PC users not to send warning messages to friends: "This causes just as much trouble," says Clark, "because it causes panic. Our helpline had about 100 calls from people who had had warnings and were needlessly worried they had got the virus after reading the message."
RM checked the mailboxes of about 27,000 customers who had the facility to create messages off-line, plus another half a million web-based mailboxes. Schools infected by the virus were told to isolate their server from the Internet and use a disinfectant program created by RM or to write over the entire server using the back-up data from the day before. However, not all schools were in a position to do this, as some only made a weekly back-up on a Friday (the virus struck on May 11).
Clark adds: "We were able to do a good job because we had good processes in place so the virus caused minimal disruption to our customers. But you always have to b ready for the next big one."
The I Love You virus spawned a series of imitators, as well as a more vicious version dubbed New Love-A. This was more sophisticated than ILU as it erased an entire hard drive and also sent itself to the first 50 names in the user's address book, adopting a range of aliases.
Critics say Microsoft has not built enough security into its software and Windows operating system, making it easy for viruses to infect PCs using Windows. Microsoft argues its PCs get the most virus attacks because it has the more computers in use. The company is also developing upgrades to make PCs more secure. Free downloads and information are available on www.microsoft.com.
Adrian Carey, director of educational services of Edex, the educational Internet company, says: "I was not aware of any problems with our customers. We were alerted to the virus quickly and removed it from our servers. The key to protection is education. Even if you had done all the right things and passed the ILY email through a virus checker, it would not have been detected as it was new. People should be suspicious of multiple emails from the same source, especially if unknown and not open them."
A spokeswoman from the British Educational Computing and Technology Agency, said her organisation had not been affected either: "We have a very good support team who quickly warned all of us about the virus."
PROTECTION IS BETTER THAN CURE
* Have a virus checker in place and make sure you always use the latest version. Regularly check the manufacturers' websites for news and updates to download.
* Tell staff, pupils and teachers to be wary about attachments from unknown sources. If you haven't asked for an attachment and don't know who it's from, don't open it.
* If possible, cut-and-paste text messages into an email. Not only will all recipients then be able to read it on their computers, viruses can't hide in text emails.
* Remember that floppy disks can also carry viruses. And it's not unknown for a CD-Rom to carry them, too.
* Make regular back-ups of important files and data, preferably every day.
* Have a system in place so you know what to do if your network becomes infected . This should include isolating infected computers, cleaning them and restoring data.
* Most viruses are developed for PCs running Microsoft Windows, but don't get complacent if you use Acorn, Apple or Linux computers. Viruses do exist for non-PC computers and someone is sure to make one that attacks both types of computer.
* Try to have standby systems for crucial operations on your computers and make sure you know email, phone and fax numbers of contacts.