Information Warfare: February 13, 2002


Spare a Few Viruses?- In 2001, the Department of Defense flipped when they discovered that U.S. software companies were giving China copies of deadly computer viruses that had not been "in the wild" much. Given the Chinese government's published attitudes towards cyberwar and the United States (the Chinese want to use the former on the latter), this particular export raised pulse rates in the Pentagon. However, like anything involving China and computers, all was not what it appeared to be. China wanted copies of those viruses so that it could test the anti-virus software it was buying. The American firms figured they were just performing a courtesy, as they were pretty sure they were not the only ones who possessed these particular 300 viruses. That might have been all these was to it. After all, the year before the Chinese had passed a law providing severe punishment for anyone releasing computer viruses. China has been having growing problems with computer viruses throughout the 1990s. At the same time, there were a number of innovative new viruses released in 2001, that were traced back to China.

At the end of 2001, there were over 71,000 computer viruses identified as "in the wild" (found on a computer other than the one they were created on.) Ten years earlier, there only about a thousand known computer viruses. In December, 2001 alone, 1,256 new viruses were discovered. Now most of the existing viruses are either obsolete (the hardware and software they were designed to attack no longer exist, or are very rare connected to the Internet) or relatively harmless. Some were designed to be harmless, others were poorly put together and simply don't function as intended. Moreover, many "new" viruses are just variations of older ones. Moreover, a few viruses tend to do most of the damage. In December, 2001, over 90 percent of the reported virus infections were by one virus; Badtrans-B (a variant of the original Badtrans.) This one spread as an attachment to email when it was delivered to systems using Microsoft Outlook. 

You can buy, or get for free on the Internet, "how to" kits for building computer viruses. Creating viruses has become a compelling, some say addicting, hobby with many programmers and network engineers. Normally, new ideas are freely exchanged, or at least posted in places where others will pick up and spread the word. But apparently there also some reclusive, and quite good, virus designers who only communicate through their work. The fear is that one of these lads, or the Chinese military, will develop a "doomsday virus" that will bring down the entire Internet. That is theoretically possible, for a while at least, if you hit the specialized computers that control the behind-the-scenes stuff on the Internet. 

Like most unknown terrors, this one has a smidgen of truth attached to it. And like most doomsday weapons, the best defense is to have some of your own. While this worked with nuclear weapons (the first truly "doomsday" weapon), an Internet weapon of that caliber will only work if the other side knows you have it. But if you let them know you have it, you have to explain it for it to be credible. However, if you explain it, countermeasures can be devised which will downgrade it from "doomsday" to, say "damn nuisance" status. 

And this is another reason why computer viruses are considered such nasty weapons.




Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close