News: Analysis & Commentary
Commentary: Melissa Is Sending You a Warning
As computer bugs go, Melissa is a doozie. On Mar. 26, someone using the moniker Sky Roket posted this new virus on the Net's alt.sex newsgroup, and from there it was mailed out across the Internet. Embedded in the E-mail were the name "Melissa" and a list of porn Web sites. Within days, Melissa had infected hundreds of thousands of computers across the U.S., Europe, and Asia. It even forced the shutdown of the E-mail system at software giant Microsoft Corp.
Melissa didn't get me. Nor did a couple of copycat viruses called Mad Cow and Papa. But I was safe only because my company doesn't use Microsoft's Outlook E-mail program--the one targeted by these bugs. Usually, I ignore the threat of viruses. Until Melissa came along, I had never checked to make sure I had virus protection on my office PC. (I do.) I should know better, but I have not once downloaded an update to protect me from the 200 or so new strains that appear each month. Just paint a big bull's-eye on my disk drive.
I'm not alone. Computer-security experts estimate that while most corporate PC users have at least rudimentary protection from viruses, fewer than 30% regularly update their antivirus software to protect themselves from the latest strains. "We have to change the mind-set of consumers," says professor Eugene H. Spafford, a computer-security specialist at Purdue University. "Melissa is just a warning. Things are going to get a lot worse."
Why? For starters, the Net is the perfect distribution vehicle for computer viruses--connecting nearly 200 million people worldwide. Melissa spread quickly via the Web because it replicates by sending out E-mails from each computer it corrupts--like a chain letter on speed. Inserted in a Word file, Melissa was able to instruct computers to send E-mails to the top 50 names in recipients' address books because of the way Microsoft weaves together its word-processor and E-mail programs. Purdue's Spafford worries that that integration makes it easier for hackers. Then there's hackers' ever-growing ingenuity. These days, they're using viruses to break into corporations and steal secrets without leaving a trace.
Don't blame the computer industry. Companies such as Symantec Corp. and Network Associates Inc. work around the clock to spot new viruses and publish inoculations and cures within hours of outbreaks. And most PC companies now ship an antivirus program with each machine. Microsoft and Apple Computer Inc. could integrate antivirus protection into their operating systems. But in this case, they're wise to leave the job to the specialists who make virus detection their business.
Thankfully, Melissa turned out to be an annoyance rather than a truly destructive force designed to damage programs. In that sense, we all got off easy. Still, it should be a wake-up call to wired organizations and individual computer users everywhere. Yes, that means you. So get with it, or someday, one of Melissa's nastier relatives could come calling.By Steve Hamm