E-mail virus
wreaks havoc'Melissa' detected in Hawaii
Staff and wire reports
e-mail systems, but no reports
of serious problems so farThe "Melissa" computer virus has proved to be a very unwelcome guest, turning the digital superhighway against its own users by swamping thousands of computers with bogus e-mail.
The virus began to show up Friday and spread rapidly yesterday, slipping into systems via e-mail and forcing computers to fire off dozens of infected messages to friends and colleagues.
Once opened, the virus immediately reads the user's e-mail address book and sends an infected message to the first 50 entries.
People whose last name begin with "A" or "B" have been particularly beleaguered by Melissa because most e-mail address books are arranged in alphabetical order.
Although the virus apparently causes no permanent damage to a computer, its clogging affects were far-reaching. All new Microsoft Word documents created on an infected computer will contain the virus, too.
In Hawaii, there were no reports of serious effects today but businesses and Internet service providers said they were keeping a sharp lookout.
Melissa was detected Friday in the Army's unclassied e-mail system at Fort Shafter, said John Fairbank, public affairs officer. "We did an immediate shutdown of our unclassified e-mail system," he said. Anti-virus software was installed and the system was back up yesterday.
First Hawaiian Bank spokesman Gerry Keir said the bank had been unaffected but was taking precautions to see that the virus doesn't hit.
At Hawaiian Electric Industries Inc., corporate auditor Sterling Yee said technicians heard about the problem Friday and shut the e-mail system down to install anti-virus measures.
"We were probably down a bit too long," Yee said. Because it shut down so early the company didn't receive e-mail circulated messages about how to deal with the problem and that made the task a bit harder, he said.
At GTE Hawaiian Tel, it has been "business as usual," said a spokesman, Keith Kamisugi. However, employees were informed about the virus and what steps they should take to avoid it, he said.
Hawaii Internet service providers said the existence of a virus that lives and spreads through e-mail puts them in an awkward position.
LavaNet Inc., like other providers, has a policy of "keeping out of our customers' mail as much as possible," said network chief Clifton Royston.
"On the other hand, we're not doing our customers a favor if we allow them to be infected by a virus that we possibly could have prevented from getting to them," Royston said.
"We're also not doing the 'Net a favor" by not stepping in to stop a spread, he said. The policy debate was going on at LavaNet today as the company tried to decide whether to step in.
GST Hawaii OnLine's director technical support Joey Sheremepa said that so far, his service is staying out of it but keeping watch.
"We sell Internet service. It's really up to our customers what they do with what they open," he said. But Sheremepa also said the providers are considering whether they should get involved.
Nationally, companies reporting problems included the chemical company DuPont in Wilmington, Del.; electronics maker Honeywell Inc. in Minneapolis; Lockheed Martin Corp., the aerospace company in Bethesda, Md.; the Associated Press Broadcast Services in Washington, D.C.; and Compaq Computer Corp. in Houston.
Michael Vatis, a federal prosecutor and director of the National Infrastructure Protection Center in Washington, said military and government computers were sabotaged, along with thousands of other institutions' systems.
The FBI is investigating. A software developer, Richard Smith of Phar Lap Software, has given the bureau evidence that the virus may be the work of someone who wrote and distributed a similar program two years ago, the New York Times reported today.
Smith said there are computer "fingerprints" from someone who uses the moniker VicodinES all over the Melissa virus.
Taking on Melissa
Associated Press
Recognizing Melissa and what to do if it shows up in your computer:INFORMATION ABOUT MELISSA: Details can be found on the Web at http://www.cert.org/advisories/CA-99-04-Melissa-Macro-Virus.html. Microsoft has a patch available at http://www.microsoft.com/security/bulletins/ms99-002.asp.
DETECTING MELISSA: If you get an e-mail from someone you know with the subject line, "Important Message from," followed by their name, there's a good chance you've got Melissa lurking in your in-box. A macro virus can't infect your computer unless you open the attachment, so the best thing to do is don't open the message or the attached Word document. Delete it immediately.
ELIMINATING MELISSA: If you opened up the attached Word document you've now been infected with the Melissa virus. Go to the Web site of one of several anti-virus companies:
Sophos at http://www.sophos.com/downloads/ide/index.html/melissa
PROTECTING AGAINST MELISSA: Katherin Fithen of the Computer Emergency Response Team at Carnegie Mellon University in Pittsburgh urges all computer users to update their virus software and use it. Macro viruses are easy to write, and thus, easy to develop software patches to defend against. Check with the manufacturer of your anti-virus software often and get the latest updates. Also be sure to tell Microsoft Word to prevent automatic macro running. It's under the menu item "Tools." Select "Options . . . " and then select the "General" tab. Be sure the "Macro virus protection" box is checked.
