Agency computers nailed by new virus

Computers at federal offices around the country were tied up Monday by a new computer virus transmitted through e-mail systems.

At a Monday afternoon briefing at FBI headquarters in Washington, Michael Vatis, the head of the National Infrastructure Protection Center, said that so far denial of service (users being unable to get into their e-mail systems because of excessive traffic caused by the virus) has been the greatest threat of the Melissa Macro Virus.

Although Vatis refused to specify how widespread the damage was, he said many government agencies and businesses have been affected.

"This has propagated extremely quickly," Vatis said. "Once a user is infected, you get into a cascading effect of many thousands."

Gary McGraw, a computer expert with RST in Reston, Va., said the new virus "is spreading faster than any virus ever before." Defense and Energy Department computers have been badly hit by the virus, McGraw said.

"The movement of the DoD to use commercial off-the-shelf software just places them in the same field as everyone else," said McGraw. "This just points out the risk we have because we have so much common infrastructure."

The Energy Department's Computer Incident Advisory Capability Web site reported that "this virus is spreading widely within and without of the DOE complex." The site also explains how to combat the virus.

The virus is spread as a Microsoft Word document attached to an e-mail message, with "Important Message From" in the subject line. Only users of Microsoft's Outlook and Outlook Express e-mail programs have been infected so far, experts said.

The virus reproduces itself, growing exponentially. When it is opened, it sends a message with a copy of itself attached to the first 50 e-mail addresses in the affected user's e-mail address book.

Computer viruses have existed for years and are regularly tracked by a group of software experts at the Computer Emergency Response Team at Carnegie Mellon University. But the Melissa virus, which first appeared late last week, has unleashed the first virus warning from the FBI's National Infrastructure Protection Center.

The FBI's Vatis said the agency would launch an investigation into how the virus was created and propagated. "The transmission of a virus can be a criminal matter, and the FBI is investigating," he said.

A Department of Justice spokesman said that Section 1030 of Title 18 of the Computer Security Act of 1987 makes it illegal to "knowingly cause transmission of a program, information, code, or command, and as result of such conduct, intentionally cause damage without authorization to a protected computer."

If there was a loss of more than $5,000, such a crime is a felony punishable by up to ten years in jail and $250,000 fine.

"E-mail users have the ability to significantly change the outcome of this incident," said Vatis. "I urge e-mail users to exercise caution when reading their e-mail for the next few days and to bring unusual messages to the attention of their system administrator."

Computer security experts said that the bug had its origin when certain users viewed messages posted on the Usenet newsgroup.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Sponsored by Brocade

    Best of 2016 Federal Forum eBook

    Earlier this summer, Federal and tech industry leaders convened to talk security, machine learning, network modernization, DevOps, and much more at the 2016 Federal Forum. This eBook includes a useful summary highlighting the best content shared at the 2016 Federal Forum to help agencies modernize their network infrastructure.

  • Sponsored by CDW-G

    GBC Flash Poll Series: Merger & Acquisitions

    Download this GBC Flash Poll to learn more about federal perspectives on the impact of industry consolidation.

  • Sponsored by One Identity

    One Nation Under Guard: Securing User Identities Across State and Local Government

    In 2016, the government can expect even more sophisticated threats on the horizon, making it all the more imperative that agencies enforce proper identity and access management (IAM) practices. In order to better measure the current state of IAM at the state and local level, Government Business Council (GBC) conducted an in-depth research study of state and local employees.

  • Sponsored by Aquilent

    The Next Federal Evolution of Cloud

    This GBC report explains the evolution of cloud computing in federal government, and provides an outlook for the future of the cloud in government IT.

  • Sponsored by Aquilent

    A DevOps Roadmap for the Federal Government

    This GBC Report discusses how DevOps is steadily gaining traction among some of government's leading IT developers and agencies.

  • Sponsored by LTC Partners, administrators of the Federal Long Term Care Insurance Program

    Approaching the Brink of Federal Retirement

    Approximately 10,000 baby boomers are reaching retirement age per day, and a growing number of federal employees are preparing themselves for the next chapter of their lives. Learn how to tackle the challenges that today's workforce faces in laying the groundwork for a smooth and secure retirement.

  • Sponsored by Hewlett Packard Enterprise

    Cyber Defense 101: Arming the Next Generation of Government Employees

    Read this issue brief to learn about the sector's most potent challenges in the new cyber landscape and how government organizations are building a robust, threat-aware infrastructure

  • Sponsored by Aquilent

    GBC Issue Brief: Cultivating Digital Services in the Federal Landscape

    Read this GBC issue brief to learn more about the current state of digital services in the government, and how key players are pushing enhancements towards a user-centric approach.

  • Sponsored by CDW-G

    Joint Enterprise Licensing Agreements

    Read this eBook to learn how defense agencies can achieve savings and efficiencies with an Enterprise Software Agreement.

  • Sponsored by Cloudera

    Government Forum Content Library

    Get all the essential resources needed for effective technology strategies in the federal landscape.


When you download a report, your information may be shared with the underwriters of that document.