Authorities are speculating that the most costly computer virus in history, known commonly as the Love Bug, may have originated as an attempt by its author to obtain free Internet access. According to CNN, investigators are saying that aside from replicating itself and destroying files, the virus also searched for sign-on names and passwords to e-mail back to the Love Bug’s creator.
The Love Bug was unleashed via two Philippine e-mail accounts at a prepaid ISP — quickly spreading around the world by way of e-mail, and through the popular chat program ICQ.
The original Love Bug was cleverly transmitted in an attachment disguised as a love letter. When the letter was clicked open, the virus not only destroyed files on the user’s computer but also sent itself to everyone listed in the user’s e-mail address book. To make matters worse, the virus also inspired copycat versions sent out under the names “joke” and “Mother’s Day.”
While it could be some time before the final costs of the Love Bug are tallied, current damage estimates are already approaching a staggering $2.6 billion (US$).
Chief technology officers across the board are reacting with frustration and fury. Yet, it seems to me that these senior managers are failing to ask a fundamental question: Why do so many countries lack laws against illegal computer hacking?
Even though Philippine authorities quickly tracked down two Love Bug suspects — and had them under surveillance since Saturday — no action was taken because hacking is not illegal in the Philippines.
The investigators eventually obtained a warrant based on suspected violation of the Access Device Act, which governs use of codes, account numbers and passwords, but the delay involved in determining grounds for arrest may have given the alleged perpetrators more than enough time to destroy any incriminating evidence. There was no computer in the apartment when the investigators made their raid.
I find it incredible that, considering the amount of dollars at stake in cyberspace on a daily basis, Big Business and governments around the world cannot find a way to prevent and punish cyber-terrorism to any meaningful degree. If authorities — elected or otherwise — turned a blind eye to real world acts of sabotage, one could only imagine the public outcry.
Assuming that no human life or limb is involved, what is the difference how $2.6 billion worth of damage gets done? Would the U.S. government sit back and watch if these corporations were being robbed at gunpoint?
Of course, the Love Bug hackers will likely soon be made into folk heroes by the media, receive a relative slap on the wrist, be sprung loose to clean up on the lecture circuit, and all will be forgotten.
After all, Kevin Mitnick — who just finished serving five years in prison for inflicting millions of dollars in damages to companies like Motorola, Novell, Nokia and Sun Microsystems — has become a full-fledged celebrity.
If his federal probation officers had not stepped in last month, the 36 year-old Mitnick would have pocketed about $20,000 by making scheduled speaking engagements this summer.
So while a new crop of hackers springs up to wreak havoc on the world, governments and businesses alike drag their feet, make excuses, and trip over one another to make heroes out of the very criminals who have just taken them for a very expensive ride.
I find myself tempted to smile until I remember that it is the Average Joe who ends up footing the bill.