Keeping the creepy crawlies out of your system

For those of you who keep archives of IJ, you’ll notice that almost one year ago (to the day of writing, actually) I wrote a column talking about viruses and worms.

Creepy, isn’t it. At the time, I was talking about the “Happy.exe” worm. Interesting that one year later we are “sharing the love,” so to speak.

The “ILOVEYOU” worm and its variants hit the world hard recently. Harmless prank? Doubt it. Intricate and crafty software application development? Far from it. Preventable with software? More than just scan it.

Did you feel the Love?
On May 4, 2000, people around the world starting receiving e-mails that provided an attachment with the subject “ILOVEYOU.” One click and the trap was sprung.

In a matter of moments I watched ZDNet.com’s discussion board light up with reports from all over the nation about how the bug had bogged down mail servers and was bringing businesses large and small to a virtual standstill.

A friend of mine who is a systems analyst for the local university tried to stem the tide after it began by using the university’s “spam filters” to prevent new “Love Bug” messages from entering the university’s mail systems. They were bouncing more than 300 messages a minute.

Two weeks later, there are 29 variants to choose from, according to the Symantec Antivirus Research Center. Some talk about clicking to open up a virus scan patch or picture that shows what the code looks like. One was a supposed e-receipt for jewelry.

The cost? Try costs up to $15 billion worldwide. How long before the insurance claims start rolling in?

All these variants have the capability to overwrite-virtually delete-almost any type of file from JPEGS to text files from Excel to your computer’s COM files. This potentially could mean lost productivity, loss claims and files, lost income. And it’s not likely to get any easier.

Why? Virus composition is getting easier. Officially named “VBS.LoveLetter.A” this worm was created using Visual Basic-
a very easy language to learn. How easy? According to Mcafee.com’s director of engineering, this is a language taught in elementary and high school.

It wasn’t very pretty, but it got the job done. Anyone with a class or a book on it could have put this together.

It is so easy that the downloadable file can be modified to create your own personal brand of damage (hence the 29 variants). In fact, the folks at Mcafee said that most of the creators of the variants either changed the subject and e-mail message to get readers to open it or changed the file extensions to something else, leaving the “meat” of the worm intact.

Like the X-files- trust no one
I was fortunate. I run a Groupwise client and therefore wasn’t affected. Many people say that it’s only for those on Outlook Express. That’s true, but short-sighted. Outlook and Outlook Express were chosen because these virus creators are trying to do the most damage possible and Microsoft is still king of the heap. There are holes in every e-mail client if you look long and hard enough.

The point is that you can’t rely on your own e-mail systems’ inherent programming-you have to be on your toes with e-mail. Most people believe that if you get a virus-scanning product then you’re safe. That is partly true, and the ten-fold jump in Mcafee.com’s site traffic is evidence to that fact.

But effective virus scanning requires work on your part. You’ve got to maintain current virus DAT lists, as well as periodic scheduled scans of everything-program files, subfolders, data files, the works. If you are using a disk-based product, this means downloads, installations and then scanning.

Many application service providers like Mcafee.com will send you updates automatically whenever you log onto the Internet-providing you buy a yearly subscription. However, most virus scanning applications work reactively.

They provide updates after the virus has hit. This means that a clean computer is more than the regular virus scan. It involves good habits and common sense.

Don’t take candy from strangers
First, on your e-mail programs, disable the auto-launch or auto-preview features for attachments. This prevents your e-mail app from launching the worm before you ever have the chance to check it.

Second, question the e-mails you get from people. If there are attachments that don’t look right, delete them, or at least save them to your hard drive and then scan them. The problem with worms like the Love Bug is that if you were infected, everyone on your e-mail list would get mail from you. You can’t just suspect spam mail or “unknown sender” mail any more.

Know what you are downloading and know where it is coming from. Sure, you’d trust standard data files coming electronically from an insurance company, but I’d be suspicious about the “click-me-for-fun.exe” file found on crackers.com or something like that.

Finally, while most people think that keeping the program file disks are enough in the event of a virus attack-data files are what really need to be backed up. From customer lists to claim histories to AR/AP, you’ll want to make sure you keep backups of your data files. Regularly move a copy of it to some sort of floppy/Zip or CD-ROM. With current CD-ROM writers and rewriters dropping, it might be a worthwhile investment.

Viruses are not going to go away. In fact, they’ll probably get even nastier. I’ll probably be looking at this column next year when the next one hits.

However, good e-mail, downloading and backup practices coupled with updated virus software will make it harder for the bugs and the worms to work their way into your agency. And that’s something you’ve got to “love.”

Technocracy is a regular column designed to examine and explain new technology and how it applies to the insurance industry. Readers are encouraged to e-mail questions or comments to John Chivvis at ijwest@insurancejournal.com.