Approaching Zero - Paul Mungo (books to read to increase intelligence .txt) 📗
- Author: Paul Mungo
- Performer: -
Book online «Approaching Zero - Paul Mungo (books to read to increase intelligence .txt) 📗». Author Paul Mungo
In Britain, New Scotland Yard’s Computer Crime Unit recently compiled a list of
the country’s most troublesome bugs, which originated in places as diverse as
New Zealand, Taiwan. Italy, Israel (the Jerusalem virus), Austria, Pakistan
(Brain), Switzerland, India, and Spain—as well as a couple from the United
States and even one that is believed to be from China.
The increasing links between virus writers in different parts of the world is
demonstrated by the growing number of adaptations of existing viruses. The
Vienna virus, which Ralph Burger had included in his Das grosse
Computerirenbuch spawned a whole series of knockoffs, with slightly differing
payloads and messages. As did the Jerusalem virus: there are now perhaps a
hundred variants, all based on the one prototype. The knockoffs come from all
over the world: Australia, the Netherlands, the republics of the former Soviet
Union, Britain, South Africa, Czechoslovakia, Malaysia, Argentina, Spain,
Switzerland, the United States—the list is only slightly shorter than the
membership of the U.N. Some of the new variants are just jokes, and play tunes,
but others are even more destructive than the original.
Jerusalem’s most fearsome variant came from Asia. Called Invader, this bug
first appeared in Taiwan in July 1990, where it is presumed to have been
written. Within a month it had swept through the Far East and was reported to
have reached North America. Just four months later it was found at the Canadian
Computer Show, where it was running amok on the PC displays. Invader is an
exceptionally sophisticated variant. It would infect a target computer’s hard
disk, diskettes, and program files, and its payload was devastating: it would
zap data stored on a hard disk or diskette to the sound of an exploding bomb
whenever a particular, quite common, piece of drafting software, called
Autocad, was loaded.
Invader is part of the new generation of viruses: destructive, malicious, and
clever. Since 1988, as the number of bugs has grown exponentially, virus
techniques have improved dramatically, and their infection strategies have
become more effective, which means they have a better chance of traveling. They
exploit obscure functions of computers in order to evade detection; they can
trash data; and in some cases, they can zero out large-scale computer networks.
While the early viruses could cause damage, it was generally by accident; the
new strains are programmed to be destructive. Some seem demonic and frenzied,
as if the virus writer was driven by a personal animus.
On January 15, 1991, the principal bank on the Mediterranean island of Malta
was attacked by a particularly vicious bug. The first warning of the virus was
an announcement that popped up suddenly on the computer screen:
DISK DESTROYER—A SOUVENIR OF MALTA I HAVE JUST DESTROYED THE FAT ON YOUR
DISK!!
HOWEVER, I HAVE KEPT A COPY IN RAM, AND IM GIVING YOU
A LAST CHANCE TO RESTORE YOUR PRECIOUS DATA.
WARNING: IF YOU RESET NOW ALL YOUR DATA
WILL BE LOST FOREVER!!
YOUR DATA DEPENDS ON A GAME OF JACKPOT
CASINO DE MALTE JACKPOT+L+~+?+ ~+c+
CREDITS: 5
ANY KEY TO PLAYThe virus was, in essence, inviting operators to gamble with the data on their
hard disks. It had captured the FAT, the File Allocation Table which, despite
its unprepossessing name, is one of the most important components of a
computer’s hard disk: it is a master index that keeps track of where all the
pages for each file are kept. On a hard disk, unlike in a filing cabinet, pages
of a single file are not necessarily stored together; they are stored wherever
there happens to be disk space, which often results in “fragmentation”—
particularly of larger files. Whenever a user selects a particular file, the
FAT is responsible for finding all of the file’s parts and assembling them in
the correct order. Once corrupted, the FAT takes on all the attributes of an
unqualified temporary secretary: it can’t find anything, it loses files, and
the ones it doesn’t lose are incomplete or presented in the wrong order.
The gamble the operators faced was more or less the same as on a slot machine—
except that the computer user was playing with data instead of a coin. If he
played and lost, the virus would zap the FAT, with disastrous consequences. If
he played and won, the virus would replace the FAT it had captured with the
copy it had sequestered in the RAM, or random access memory, the computer’s
principal memory, and the area where programs are run.
When the user followed the on-screen instructions and pressed a key, the
characters in the three “windows” ran through a sequence, like a real slot
machine. The operator had five “credits,” or tries, and the game ended when
three Ls, Cs, or .~s came up. The operator could try again if a combination of
characters came up. The jackpot was three Ls. Then the operator would see the
following message on his screen: BASTARD! YOURE LUCKY THIS TIME, BUT FOR YOUR
OWN SAKE, SWITCH OFF YOUR COMPUTER NOW AND DONT TURN IT ON UNTIL TOMORROW!
Three .~s was a loser: the virus would then announce NO FUCKING CHANCE and
destroy the FAT. Three Cs, unsportingly, was also a loser: the message was:
HA HA! YOU ASSHOLE, YOUVE LOST: SAY BYE TO YOUR BALLS. Once again, the FAT
would be zapped.
The Maltese bank had no choice but to gamble. Once the virus had seized control
of the FAT, there was no possible way of retrieving it other than by coming up
with a jackpot, and the odds against that were three to one. The computer
operators pressed their keys, losing two games to every one they won and having
to rebuild the system and restore the damaged files on two thirds of their
infected computers. They also had to track down and destroy the virus, which
became known as Casino, on all of their machines, a process that required the
help of a computer security expert from Britain.
From the spelling and the use of American expressions such as asshole, it was
thought that the author of Casino was American, or perhaps a Maltese who had
previously lived in the States. But, as in so many cases, his identity was
never discovered.
Casino epitomized many of the characteristics of the new breed
of viruses: it was vicious, destructive, and its payload was curiously
spiteful. To date, the virus hasn’t spread from its island home, though that
doesn’t mean that it won’t travel in the future.
It is estimated that a virus that is going to travel will reach its peak
propagation within eighteen months. (Casino is thought to have been written
just a few weeks before it hit the bank.) About half of the viruses ever
written are less than six months old: they are, in a manner of speaking, now
waiting for their travel documents, for that odd confluence of luck and
circumstance that will unleash them throughout the world.
As the world population of computer viruses grows exponentially, so does the
potential for real disaster. Viruses will affect computer users first, but
then, indirectly, many people who have never even touched a computer will be
affected. A virus let loose in a hospital computer could harm vital records and
might result in patients receiving the wrong dosages of medicine; workers could
suffer job losses in virus-ravaged businesses; dangerous emissions could be
released from nuclear power plants if the controlling computers were
compromised; and so on. Even military operations could be affected. Already,
during the 1991 Gulf conflict, Allied forces had to contend with at least two
separate virus assaults affecting over seven thousand computers. One of the
incidents was caused by the ubiquitous Jerusalem bug, the other by a “fun”
virus from New Zealand called Stoned, which displayed the message YOUR PC IS
NOW STONED on the screen. The two outbreaks were enough to cause computer
shutdowns and the loss of data. The consequences for the military, now utterly
dependent on computers, of an attack by one of the newer, more destructive
viruses—perhaps one unleashed by the enemy—could be catastrophic.
In truth, there has been no major disaster, no loss of life or jobs due to a
virus. The only losses to date have been financial. But hospitals have already
found viruses lurking in their systems; the military has been affected; and a
Russian nuclear power plant’s central computer was once shut down because of a
virus. None of the bugs were destructive, but it is probably only a matter of
time before there is a real catastrophe.
It is now believed by many that the real threat from computer viruses will
escalate in the mid-nineties when a new generation of bugs begins to spread
throughout the industrialized countries of the West. The new viruses will
attack from every corner of the world, but the biggest threat will come from
one country—Bulgaria.
The first call came in to the Help Desk of a California magazme publisher just
after five P.M. on Thursday, June 27, 1991.3 The company has 1,500 interlinked
computers spread around three buildings. The Help Desk, part of the
technical-support department, works as a sort of troubleshooter for the entire
networked system, dealing with routine problems and helping the less computer-literate staff with their hassles.
“My computer has started making a noise,” said the caller.
In the normal run of events, noises, apart from the standard beep when starting
up or the low-pitched whir of the machine’s cooling system, are not part of a
computer’s standard repertoire. A noise usually suggests a problem—a
high-pitched whine can be a warning that the computer’s monitor is faulty; a
loud hum can signal a difficulty with the hard disk.
“What sort of noise?” asked the girl at the Help Desk.
“I don’t know, it’s just a noise. I’ve switched it off. Can someone come over?”
Seconds later the Help Desk received a call from another user with the same
problem. Then the switchboard lit up. There were callers from all over the
company, all with the same complaint: their computers were making odd noises.
It may be a tune, one of the callers added helpfully, coming from the
computer’s small internal speaker. The sixth caller recognized the melody. The
computers were all playing tinny renditions of “Yankee Doodle.”
To the specialists in the technical-support department, the discovery that the
tune was “Yankee Doodle” was confirmation that
they had been hit by a virus, and a well-known one at that. The Yankee Doodle
virus had first been seen in 1989 and was said to be relatively harmless. There
are a number of variants of the bug but most simply cause computers to play
“Yankee Doodle.” This particular variant, known as Version 44, played the tune
at five P.M. every eight days.
The company arranged for antiviral software to be shipped overnight by Federal
Express. The publishers of the software assured the Help Desk that they would
simply need to run the program on the computers to locate the infected files
and kill the virus; the files wouldn’t be damaged and no data would be lost.
Yankee Doodle was a nuisance, they said, but not a major problem.
On Friday morning the technical-support staff began the timeconsuming task of
checking every computer in the company. They discovered that eighteen of their
machines had been hit by the virus and that the killer function of the software
they had just bought wouldn’t work on their particular variant of Yankee Doodle. Instead, to clean the bug out, they would need to delete all infected
files and replace them.
The virus they were fighting is generally transferred by diskette. It attaches
itself to an executable file—a word-processing program or a game,
Comments (0)