Case Analysis — The Melissa Virus

Harsh Lalwani
Mar 26, 2023


Introduction:

Early in 1999, a particular kind of email virus called Melissa started to cause problems. It was a mass-mailing macro virus that targeted Microsoft Outlook-based systems. Melissa became one of the fastest-spreading viruses, raising awareness of the risk and potential damage associated with accepting unsolicited email attachments. The virus prompted improvements in online security while also serving as an inspiration for stronger infections to come. Its impact was such that its inventor was apprehended and given a prison term a few months later. The mass-mailing macro virus was created by a programmer named David Lee Smith, who gained control of an AOL account and used it to deliver the quickly proliferating virus through emails. The virus was not programmed to steal any money or private information, but it wreaked a lot of havoc. Many email servers had to be shut down. Within a few days, cyber security experts had mostly contained the spread of the virus and restored the functionality of their networks, although it took some time to remove the infections entirely. The effect of the virus was so drastic that, after the attack was contained and the creator was arrested and sent to prison, the Federal Bureau of Investigation (FBI) launched a new national Cyber Division focused on online crimes.

The attack:-

Computer viruses, as well as the public’s awareness of the methods used to release them, were still relatively novel concepts to many Americans 20 years ago. That would change drastically after one attack. Late in March 1999, a programmer by the name of David Lee Smith took control of an America Online (AOL) account and posted a file to the “alt.sex” Internet newsgroup. The posting advertised several free passwords to adult-content websites. The virus was released on users’ PCs after they fell for the trick, downloaded the document, and opened it in Microsoft Word. The subject line of the email carrying the Melissa-infected attachment read, “This is an important message from [the sender’s username] and the paper you requested is attached. Keep it a secret from others ;-)”. Instead of the list of passwords for membership websites, the provided file actually contained a Visual Basic script. The script copied the malicious file into a Word template file that holds default macros and custom settings. The recipient of the email received a copy of the document. The virus then used Visual Basic code to build an Outlook object, read the first 50 names from each Outlook Global Address Book, and delivered the identical infected email to them.

Example of what Melissa Virus looked like

When the attachment is opened, the malicious file is read into computer storage. The virus then used Visual Basic code to construct an Outlook object, read the first 50 names from each Outlook Global Address Book, and transmitted the identical corrupted document and email. Smith launched the virus on March 26, 1999. Large networks were clogged, although the virus was not meant to steal data or money. The computer emergency response team, which is supported by the US Department of Defence, published a warning about the infection and later created a remedy. Many email servers had to be shut down. Within a few days, cybersecurity experts had mostly contained the spread of the virus and restored the functionality of their networks, although it took some time to remove the infections entirely.
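The propagation pattern described above (one sender delivering the identical attachment to 50 address-book entries in a short burst) is easy to look for in mail-server delivery records. The following detection sketch is an added example, not part of the original article; the record layout, host names, threshold and window are assumptions chosen for illustration.

```python
import hashlib
from collections import defaultdict
from datetime import datetime, timedelta


def find_mass_mailers(events, min_recipients=50, window=timedelta(minutes=5)):
    """events: (timestamp, sender, recipient, attachment_sha256) per delivery.

    Returns (sender, digest, distinct_recipients, burst_start) for every sender
    that delivered the same attachment to many recipients inside one window.
    """
    by_key = defaultdict(list)
    for ts, sender, rcpt, digest in events:
        by_key[(sender, digest)].append((ts, rcpt))
    alerts = []
    for (sender, digest), sends in by_key.items():
        sends.sort()
        start = 0
        for end in range(len(sends)):
            # Slide the window forward so it never spans more than `window`.
            while sends[end][0] - sends[start][0] > window:
                start += 1
            rcpts = {r for _, r in sends[start:end + 1]}
            if len(rcpts) >= min_recipients:
                alerts.append((sender, digest, len(rcpts), sends[start][0]))
                break  # one alert per sender/attachment pair is enough
    return sorted(alerts)


def sample_events():
    """Constructed delivery records; none of these values come from a real log."""
    t0 = datetime(1999, 3, 26, 9, 0, 0)
    doc = hashlib.sha256(b"constructed infected document").hexdigest()
    report = hashlib.sha256(b"constructed weekly report").hexdigest()
    events = []
    # Infected desktop: same attachment to 50 people, one message per second.
    for i in range(50):
        events.append((t0 + timedelta(seconds=i), "pc17@corp.example",
                       f"user{i}@corp.example", doc))
    # Ordinary user: one report to three colleagues.
    for i in range(3):
        events.append((t0, "alice@corp.example", f"peer{i}@corp.example", report))
    # Slow list mailer: 60 recipients, but spread over ten hours.
    for i in range(60):
        events.append((t0 + timedelta(minutes=10 * i), "news@corp.example",
                       f"sub{i}@corp.example", report))
    return events


if __name__ == "__main__":
    for alert in find_mass_mailers(sample_events()):
        print(alert)
```

Only the burst from `pc17@corp.example` is reported; the slow list mailer reaches more recipients but never 50 of them inside one five-minute window.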

Impact:-

The Melissa virus, considered the fastest-spreading infection at the time, was a rude awakening to the dark side of the web for many Americans. Awareness of the danger of opening unsolicited email attachments began to grow, along with the reality of online viruses and the damage they can do. One of the first viruses to garner widespread attention, Melissa is thought to have cost an estimated $80 million in damage and necessitated extensive cleanup and computer system repairs. According to the FBI website, the malware overloaded email servers at more than 300 businesses and government organisations and shut some of them down completely. By spreading itself across the mailing lists of affected devices, the virus was able to infect thousands of computers. Although some time was needed to remove the virus completely, cyber security experts worked to contain it and ultimately restored network functionality. Following the virus’s propagation, the FBI issued alerts about Melissa and details of its effects, which helped to lessen the virus’s consequences. Smith was caught thanks to a coordinated effort between the FBI, New Jersey law enforcement, and an AOL official. Smith was detained on April 1 of that year. Claiming it was a prank and that he had no idea the virus would inflict that much harm, he promised to work with federal and state authorities on the case. In December 1999, Smith pleaded guilty to both state and federal charges. Smith was sentenced to a total of 20 months in federal prison and a $5,000 fine. This outbreak raised awareness of how rapidly a computer virus could propagate, and at the time, there were no efficient government systems in place to track down and investigate similar attacks.

Email viruses and other security threats and how to avoid them:-

Phishing:-

Attacks known as “phishing” involve delivering false communications that seem to come from a reliable source. Email is typically used for this. The intention is to steal personal information such as credit card numbers and login credentials, or to infect the victim’s computer with malware. Phishing is a prevalent form of cyber-attack, and everyone should be aware of it in order to defend themselves.

To avoid viruses similar to the Melissa virus, computer users should follow best practices for avoiding email viruses and phishing. These include the following:

- Do not open attachments from unknown email addresses.
- Avoid opening executable files included as attachments.
- Use antivirus and antispyware software to scan devices.
- Scan an email message’s attachments for malware.
- Use desktop and network firewalls.
- Use a gateway email filter and web security gateway.
- Double-check the email address to confirm the email is from a legitimate source.
- Update and patch mail clients, web browsers and operating systems regularly.
- Watch for other potential warning signs, such as obvious grammatical errors, suspicious attachments and strange domain names.
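As an illustration of the attachment-scanning and gateway-filter items above, here is an added example (not from the original article) of a gateway-style check that judges attachments by content: it flags executable extensions, legacy Office files whose extension does not match their content, and Office files that appear to carry macros. The function names, extension lists and sample message are assumptions, and the macro test is a byte-marker heuristic rather than a full document parse.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")   # header of legacy .doc/.dot/.xls files
VBA_MARKER = "_VBA_PROJECT".encode("utf-16-le")  # stream name stored when macros exist
OFFICE_EXTS = {".doc", ".dot", ".xls", ".ppt"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".pif", ".vbs"}


def triage_attachment(filename, payload):
    """Return the reasons a gateway should quarantine this attachment ([] = deliver)."""
    ext = os.path.splitext((filename or "").lower())[1]
    reasons = []
    if ext in EXECUTABLE_EXTS:
        reasons.append("executable-extension")
    if payload.startswith(OLE2_MAGIC):
        # Judge by content, not by the name the sender chose.
        if ext not in OFFICE_EXTS:
            reasons.append("extension-does-not-match-content")
        if VBA_MARKER in payload:  # heuristic, not a full OLE2 directory parse
            reasons.append("office-document-with-macros")
    return reasons


def triage_message(raw_bytes):
    """Parse one RFC 5322 message and map attachment name -> quarantine reasons."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        reasons = triage_attachment(part.get_filename(), payload)
        if reasons:
            findings[part.get_filename()] = reasons
    return findings


def build_sample():
    """Constructed test message; the 'document' is filler bytes, not a real file."""
    fake_doc = OLE2_MAGIC + b"\x00" * 64 + VBA_MARKER + b"\x00" * 64
    msg = EmailMessage()
    msg["From"] = "colleague@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("Here is the document you requested.")
    msg.add_attachment(fake_doc, maintype="application", subtype="msword", filename="list.doc")
    msg.add_attachment(fake_doc, maintype="image", subtype="jpeg", filename="sexxxy.jpg")
    msg.add_attachment(b"plain notes", maintype="application", subtype="octet-stream", filename="notes.bin")
    return bytes(msg)


if __name__ == "__main__":
    print(triage_message(build_sample()))
```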

Summary:-

In late March 1999, David Lee Smith, a programmer, hijacked an America Online (AOL) account and used it to post a file on an internet newsgroup named “alt.sex”. The file promised dozens of free passwords to paid/fee-based adult-content websites. But when users downloaded the file and opened it with Microsoft Word, a virus was unleashed on their computers. On March 26, the virus spread throughout the internet like wildfire. The Melissa virus, named by Smith after a stripper in Florida, took over the victims’ Microsoft Word program. Then a macro hijacked their Microsoft Outlook email system and sent email to the first 50 addresses in their mailing lists. The message contained virus-laden attachments labelled as “sexxxy.jpg” or deceitfully asserted, “Here is the document you requested … don’t show anyone else ;-).” With the help of some devious social engineering, the virus operated like a sinister, automated chain letter. Although the virus caused a lot of damage, it was not designed to steal any money or personal information. A lot of email servers had to be shut down. In just a few days, cybersecurity professionals had mostly stopped the virus’s spread, and although it took considerable time to completely eliminate the infections, their networks’ functioning was eventually restored.
