Virus worms its way into BYU computers

Mydoom's rapid spread hinges on the 'trust factor'

Published: Wednesday, Jan. 28, 2004 9:31 a.m. MST
PROVO — Brent Harker set out Monday to ease the e-mail burden on students at Brigham Young University.

The idea backfired when the Novarg, or Mydoom, virus struck campus at the same time that a list of 30,000 BYU student e-mail addresses was open on the university's network.

Inadvertently, the school provided a gateway for the virus to every student's computer.

"We were trying out software that allows us to send messages at 2 a.m., when the system is least busy," said Harker, director of Web communications. "During the day, I don't want to burden the system with 30,000 messages. We had to open that list to make the software work.

"The virus caught us with our list open."

The virus mimicked a message from University Communications and included an attachment named "zip.doc." Some students sent e-mails to Harker with complaints. Most realized the message was bogus.

"Our students are pretty well-experienced with these things," Harker said. "A lot of them recognize that unusual messages with attachments are dangerous. They also know that University Communications never sends messages with attachments, and we have a special way of formatting our messages that students get used to. When they see something unusual, that's a signal not to open a message."

But many people still do not get that message.

The continued spread Tuesday of the cleverly engineered computer virus exposed a key flaw in the global embrace of technology: Its users are human.

Posing as a legitimate computer error message, the worm successfully tricked e-mail recipients into spreading it to friends, co-workers and business associates.

Although users have grown wiser about falling for such tricks, virus writers have also gotten smarter about fooling them.

"People that are bent on doing these things continue to display a high degree of intelligence," said Bob Jorgensen of Boeing Co., whose e-mail systems slowed down because of the worm. "We need to continue to work to stay one step ahead" through better technology and education.

MessageLabs Inc., which scans e-mail for viruses, said one in every 12 messages contained the worm. Security experts described it as the largest outbreak in months.

"It's the trust factor you are exploiting," said Oliver Friedrichs, senior research manager with anti-virus vendor Symantec Corp. "Most people, when they receive something, they want to trust it. You don't want to miss something people may be sending you."

Upon activation — usually when a recipient clicks on an e-mail attachment — the rogue program searches through address books and sends itself to e-mail addresses it finds. It chooses one as the sender, so recipients may believe the message comes from someone known.
