Lexington Herald-Leader (KY)

August 22, 2003

'SOBIG' CALLED FASTEST E-MAIL VIRUS OUTBREAK
SPREAD AIDED BY BUILT-IN E-MAIL SOFTWARE
NETWORKS AROUND WORLD SLOWED, SHUT DOWN

Author: Anick Jesdanun
Associated Press

Edition: Final
Section: Business
Page: C11
Dateline: NEW YORK

Estimated printed pages: 2

Article Text:

NEW YORK -- A computer virus that circulated across the Internet this week, hard on the heels of another nasty online infection, has been declared the fastest e-mail outbreak ever.

MessageLabs Inc., which scans e-mail for viruses, said that within 24 hours it had scanned more than 1 million copies of the "F" variant of the "Sobig" virus, which was blamed for computer disruptions at businesses, colleges and other institutions worldwide.

The previous record was "Klez," with 250,000 copies spotted during its first 24 hours earlier this year, MessageLabs chief technology officer Mark Sunner said yesterday.

There have been faster outbreaks on the Internet, but those circulated through networking functions built into Windows operating systems.

The "Slammer" worm struck more than 75,000 computers in just 10 minutes in January, the number of infected computers doubling every 8.5 seconds, according to researchers at the University of California and other institutions. It went on to infect hundreds of thousands more.

E-mail viruses like Sobig can hit the same computer multiple times, so the number of infections are not directly comparable.

Sunner said the latest virus was able to spread so quickly because it essentially had e-mail software built-in. Previous viruses relied on existing software packages like Microsoft's Outlook and did not spread as quickly among users of rival e-mail software.

Sobig began appearing Tuesday, just a week after a separate virus, "Blaster," wreaked havoc on computer systems across the world.

A variant of the Blaster virus fouled signaling and dispatching systems at CSX Corp. on Wednesday, a day after similar troubles brought down Air Canada's check-in systems.

Sobig does not physically damage computers, files or critical data, but it tied up computer and networking resources, forcing networks such as the University of Wisconsin-Madison to shut down outside access to its e-mail system Wednesday.

"We were removing 30,000 bad e-mails an hour," said Jeff Savoy, an information security officer at the school.

In India's high-tech city of Bangalore, dozens of cyber cafes shut down and home computers blacked out. Some cafes were hit because their service provider was affected, but others got the virus in their machines using Windows operating systems.

The owner of one of the Internet's most popular e-mail lists, technologist David Farber, was livid about Sobig.

"I got 1,300 junk e-mails 'delivered' this AM," he said in a message to subscribers yesterday. "Find the person and put him/her in jail."

Copyright (c) 2003 Lexington Herald-Leader
Record Number: 0308250284