Text of FBI 'Melissa' warning
Published: 29 Mar 1999 08:59 BST
National Infrastructure Protection Centre (NIPC) was notified on March 26, 1999, of the proliferation of a computer virus known as the "Melissa Macro Virus" (MMV). There have been widespread reports of propagation of this virus into commercial, government and military e-mail gateways and systems. The MMV has the capability of causing a denial of service and degraded computer network performance, which could result in system administrators' having to shut-down affected networks and e-mail servers. The NIPC has received reports of significant network degradation and e-mail outages at major corporations and Internet Service Providers. The NIPC has received no reports of the virus causing any alteration of or damage to any data contained in the infected systems.
The MMV exploits a vulnerability that exists in the Microsoft computer software applications Word 97 and Word 2000. The virus is transmitted via an attachment to innocuous e-mail messages transmitted to unsuspecting computer users via the Internet and related networks. The virus is activated when a user opens the infected document. A command is immediately executed that lowers the security settings in the Microsoft Word 97 or Word 2000 application to permit all macro files to run and any newly created Word documents to be infected. The virus spreads by transmitting e-mail messages containing the infected documents to addresses contained in the infected user's e-mail address book. Corrective measures have been developed to guard against infection by the "Melissa Macro Virus" at the network and user level. In addition, leading virus detection utilities (including Symantec {http://www.symantec.com}, McAfee {http://www.mcafee.com}, and Trend Micro {http://www.antivirus.com}), when updated properly after March 26, 1999, reportedly detect and clean this type of macro viruses. NIPC Director Michael A. Vatis states, "e-mail users have the ability to significantly change the outcome of this incident. I urge e-mail users to exercise caution when reading their e-mail for the next few days and to bring unusual messages to the attention of their system administrator. The transmission of a virus can be a criminal matter, and the FBI is investigating."
The MMV has significant potential to cause more-widespread harm than it has to date. In an effort to reduce the impact of the MMV on computer networks, users can take several actions:
As the virus requires the user to open an infected document to continue the propagation, users should carefully check their e-mail boxes for any message containing as part of the subject: Important Message From
If such a message is found, please contact your system administrator or other responsible party for assistance. Users and system administrators alike should consult reputable information sources for more assistance on how to detect and minimize the impact of the MMV. Information on detection and mitigation strategies can be obtained online from CERT (the Computer Emergency Response Team at Carnegie Mellon University) at http://www.cert.org.
The NIPC is a multi-agency organisation whose mission is both a national security and law enforcement effort to detect, deter, assess, warn of, respond to, and investigate computer intrusions and other unlawful acts that threaten or target our Nation's critical infrastructures. Located in the FBI's headquarters building in Washington, D.C., the NIPC brings together representatives from the FBI, other U.S. government agencies, state and local governments, and the private sector in a partnership to protect our Nation's critical infrastructures. More information on the NIPC is available on the World Wide Web at http://www.nipc.gov.
Did you find this article useful?
24 out of 52 people found this useful
- Share this article:
