Agency computers nailed by new virus

Computers at federal offices around the country were tied up Monday by a new computer virus transmitted through e-mail systems.

At a Monday afternoon briefing at FBI headquarters in Washington, Michael Vatis, the head of the National Infrastructure Protection Center, said that so far denial of service (users being unable to get into their e-mail systems because of excessive traffic caused by the virus) has been the greatest threat of the Melissa Macro Virus.

Although Vatis refused to specify how widespread the damage was, he said many government agencies and businesses have been affected.

"This has propagated extremely quickly," Vatis said. "Once a user is infected, you get into a cascading effect of many thousands."

Gary McGraw, a computer expert with RST in Reston, Va., said the new virus "is spreading faster than any virus ever before." Defense and Energy Department computers have been badly hit by the virus, McGraw said.

"The movement of the DoD to use commercial off-the-shelf software just places them in the same field as everyone else," said McGraw. "This just points out the risk we have because we have so much common infrastructure."

The Energy Department's Computer Incident Advisory Capability Web site reported that "this virus is spreading widely within and without of the DOE complex." The site also explains how to combat the virus.

The virus is spread as a Microsoft Word document attached to an e-mail message, with "Important Message From" in the subject line. Only users of Microsoft's Outlook and Outlook Express e-mail programs have been infected so far, experts said.

The virus reproduces itself, growing exponentially. When it is opened, it sends a message with a copy of itself attached to the first 50 e-mail addresses in the affected user's e-mail address book.

Computer viruses have existed for years and are regularly tracked by a group of software experts at the Computer Emergency Response Team at Carnegie Mellon University. But the Melissa virus, which first appeared late last week, has unleashed the first virus warning from the FBI's National Infrastructure Protection Center.

The FBI's Vatis said the agency would launch an investigation into how the virus was created and propagated. "The transmission of a virus can be a criminal matter, and the FBI is investigating," he said.

A Department of Justice spokesman said that Section 1030 of Title 18 of the Computer Security Act of 1987 makes it illegal to "knowingly cause transmission of a program, information, code, or command, and as result of such conduct, intentionally cause damage without authorization to a protected computer."

If there was a loss of more than $5,000, such a crime is a felony punishable by up to ten years in jail and $250,000 fine.

"E-mail users have the ability to significantly change the outcome of this incident," said Vatis. "I urge e-mail users to exercise caution when reading their e-mail for the next few days and to bring unusual messages to the attention of their system administrator."

Computer security experts said that the bug had its origin when certain users viewed messages posted on the Usenet newsgroup.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

  • The Big Data Campaign Trail

    With everyone so focused on security following recent breaches at federal, state and local government and education institutions, there has been little emphasis on the need for better operations. This report breaks down some of the biggest operational challenges in IT management and provides insight into how agencies and leaders can successfully solve some of the biggest lingering government IT issues.

  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care


When you download a report, your information may be shared with the underwriters of that document.