Unmasking the authors

By on

Education should play an important part in preventing the next generation of virus writers, says Chris Belthoff.

The Black Baron, Dark Avenger, Spanska and Nowhere Man are just a few well-known offenders. But what about the people behind these virus-writing masks? While such attackers lurking on the internet may strike fear into the hearts of some computer users, are they truly the Marilyn Manson look-alikes who are mad at the world and take pleasure in causing grief?

The reality is rather more mundane. It is remarkably easy to write a virus - certainly not the preserve of a genius. In particular, macro viruses (which typically infect Word documents and Excel spreadsheets) and Visual Basic Script viruses are written in an extremely simple language. Anyone can write a virus; it is not possible to stereotype them and assume that what is known about one is common to them all.

Common traits

There are certain characteristics that seem to hold true for most virus writers. The vast majority appear to be male and between the ages of 14 and 24. Most virus writers also seem to retire when they reach their mid-twenties, or before. Unfortunately, there is a steady stream of adolescent males eager to replace them. Still, that's not to say that all virus writers fit within this age group. David L. Smith, the author of the infamous Melissa virus, was 30 years old when apprehended by the FBI.
The freedom and lack of censorship on the internet has allowed virus-related web sites to spring up around the world. If you know where to look on the web it can take less than ten minutes to find well over 10,000 viruses. Virus writers choose 'handles' or pseudonyms. These provide anonymity and allow the virus writer to create a fantasy persona, which may help them escape their humdrum real existence. Just as young males are attracted to the WWE, one wonders how mature an individual who wants to call himself 'Stormbringer' or 'Colostomy BagBoy' can be.

Virus writers give various reasons for why they have chosen to write viruses. Some claim that they are written for educational purposes, or to illustrate the security weaknesses of an operating system. Those who claim this say that they are actually educating manufacturers and users by presenting them with the failings of the systems they are using. Of course, you don't need to create a problem to offer warnings of a weakness.

Some virus writers have no sympathy for those they infect, claiming that if they are gullible enough to get caught it is their own fault. Other writers are motivated by political discord or have an ongoing war of words between opposing groups of virus writers and hackers.

Most writers are unaware of the wide- scale damage and harm they can cause with their viruses, and are primarily motivated by curiosity, boredom and an inactive social life. Eventually they grow up, go to college, develop other interests and stop their virus writing activities. But, of course, the viruses they have released may carry on to cause problems for some time to come.

Virus writing is not illegal, and it probably should not become a crime. Anyone should be allowed to write a virus and keep it on their own computer if they wish. They can even damage their own data if they want. But, infecting other computers without the owners' permission is unacceptable. Unauthorized access and modification of computer data (unlike the simple act of writing a virus) is a crime in many countries.

Unfortunately, some countries have been slow to introduce computer crime laws. The case against Onel de Guzman, the alleged author of the LoveLetter virus, was dropped in the Philippines because there was inadequate legislation at the time of his arrest.

But, not all virus writers have been so lucky. The Black Baron, also known as Christopher Pile, was sentenced to 18 months in a U.K. prison for the SMEG virus. And, David L. Smith, author of the Melissa virus, pleaded guilty to causing over $80 million worth of damage to businesses. He was sentenced in the U.S. to a 20-month custodial sentence and was charged with fines totaling $7,500.

Education from an early age

If virus writers are not charged and instead are offered lucrative jobs, there is a danger that this will encourage others - especially children and teenagers - to take up virus writing themselves. To prevent this from happening, children need to be educated about computer ethics from an early age. If potential offenders are aware of the penalties attached to virus writing, they will be less inclined to participate.

There will always be those that do not hold the same view. For instance, the University of Calgary in Canada plans to offer a course in malicious virus writing. The course, titled 'Computer viruses and malware,' is due to commence in the fall of 2003, and is described as focusing on "developing malicious software, such as computer viruses, worms and Trojan horses that are known to wreak havoc to the tune of billions of dollars world-wide on an annual basis."

In the end, virus writers are not geniuses or terrorists aiming to spread chaos throughout the world. However, the viruses they write can have a dramatic impact on businesses. For this reason it is important to try and understand their motives. n

Chris Belthoff is senior product manager for Sophos, Inc. (www.sophos.com).

Copyright © SC Magazine, US edition

Most Read Articles

Log In

|  Forgot your password?