Happy birthday, Melissa

They say that March comes in like a lion and goes out like a lamb. While we know this maxim refers to the sometimes dramatic changes in weather that occur at this time of year, that month is also remembered for two of the most notorious computer viruses in history (and coincidentally, both begin with the letter "M").

Ten years ago, computer viruses were mostly executable programs (.exe, .com, .bat, etc.) that typically spread via shared infected computer disks. One of the first executable viruses to inflict widespread casualties surfaced in 1991. Close inspection of this virus revealed that it would erase PC hard disks each year on March 6, which happens to be the birthday of Renaissance artist Michelangelo. The virus was quickly dubbed "Michelangelo," and it spread around the globe, infecting thousands of computers running MS-DOS or variants of the popular operating system.

Much has happened since then, and the Internet has certainly changed the way information is shared. Malicious code that once used a floppy disk to proliferate now rides the Internet to its final destination.

This became evident on March 26, 1999, when the first of a new breed of computer virus (this one dubbed "Melissa") made its debut as the first in-the-wild virus to use the information superhighway to accelerate its spread (see story). Released by David L. Smith, and named after a Florida lap dancer, Melissa is actually a Microsoft Word 97 macro virus that used the Internet as a vector for transmission. When Melissa was released, macro viruses weren't new. In fact, macro viruses for Microsoft Word first appeared as early as 1995, with more than 1,000 variants for Word and other products by 1998.

What made Melissa different from other macro viruses was the speed with which it spread. Quickly dispersed around the globe, it was estimated that Melissa infected 100,000 computers in its first 24 hours, well before any antivirus vendor had the chance to post a cure. Some sites were even forced to take their e-mail systems off-line.

So where do we stand today?

In the four years following the Melissa virus, the Internet continues to prove itself to be the de facto medium for circulating viruses, worms and Trojan horses. After Melissa, several other high-profile viruses also made headlines. With names like Naked Wife, Sircam, Nimda and Slammer, malicious code continues to flourish, forcing organizations to try and stay one step ahead.

Today, malicious mobile code is just one of many threats facing enterprises. Since no single security application can consistently protect against the threats from malicious code, those in charge of IT security need to employ several security measures.

A more proactive approach is required today to supplement current antivirus products. These might include Web content and e-mail filtering, a properly configured firewall, intrusion-detection systems and properly communicated e-mail policies. It's important to remember that any antivirus software must be updated regularly. Taking a proactive position is one of the most important steps organizations can take to mitigate loss for when the next Melissa is born.

Copyright © 2003 IDG Communications, Inc.