Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: 0003965782@mcimail.com (Sanford Sherizen) Newsgroups: comp.virus Subject: (1) GAO Report on Computer Security (2) Viruses from Eastern Europe and Message-ID: <0002.9012201422.AA05067@ubu.cert.sei.cmu.edu> Date: 17 Dec 90 20:40:00 GMT Sender: Virus Discussion List Lines: 84 Approved: krvw@sei.cmu.edu **(1) Dave Dittrich recently posted a message regarding a Government Accounting Office (the investigative arm of the Congress) report on computer security. Since it is so long, those who want a hard copy can get it by writing to GAO, Post Office Box 6015, Gaithersburg, MD 20877 USA or calling 202/275-6241. Request IMTEC-89-57, June, 1989 report entitled Computer Security: Virus Highlights Need for Improved Internet Management. The first five copies of the report are FREE and additional copies are $2.00 each. Sandy **(2) EASTERN EUROPEAN VIRUSES (Forwarded from Computer Underground Digest) From: P.A.Taylor@EDINBURGH.AC.UK Subject: Virus Planters from Eastern Europe? Date: 27 Nov 90 17:22:04 gmt FEARS OF COMPUTER VIRUS ATTACK FROM EASTERN EUROPE GROW. From: The Independent, Sat 24.11.90, By Susan Watts, Science reporter. The computer industry in Britain is being warned against an influx of malicious viruses from eastern Europe. Governments and companies there use computers less widely than those in the West. The range of applications is limited and so programmers have time to write these destructive programs. Bryan Clough, a computer consultant based in Hove, East Sussex, returned last week from Bulgaria with 100 viruses unknown in the West. "People have been writing these as a form of protest against the authorities. Some are very good indeed...I am terrified of running them on my machine but until I do I will have no idea of what they are capable of", he says. Mr Clough predicts a wave of virus attacks on Britain, launched mainly through electronic message systems known as Bulletin boards. One bulletin board in Birmingham already believes it has been hit by Bulgarian viruses. These programs can corrupt or destroy data stored on a computer's hard disk. Jim Bates, who dismantles viruses for Scotland Yard's Computer Crime Unit,says "I'm having a hell of a job keeping up with the viruses coming through already. The problem is that we can only screen for viruses that we know about". He warns the computer industry against rogue software from eastern Europe, Bulgaria and Russia are thought to harbour the most virulent viruses. The small but legitimate software industry in Bulgaria complains that programming is one of the few skills that the industry can exploit. Recent concern is killing off even this slim chance of gaining hard currency from overseas. Part of the problem is that the authorities do not believe in copyright or patent protection for software. "Programmers are used to ripping off software" Mr Clough says, "so that they are expert at hacking into each others systems and planting viruses." He found at least 30 people producing viruses in Bulgaria. Most are known to the police who can do little to stop them since the country has no laws against computer crime. Even in Britain which introduced legislation against hacking this summer, virus writers can be arrested only if they enter a computer system without authority or cause damage once inside. Scotland Yard's anti-virus team can extradite foreign programmers who flout this law, if Britain has an extradition treaty with the country concerned. One of the most worrying of the virus-writers calls himself the "Dark Avenger". He has written a number of malicious programs, and Mr Clough believes he intends to plant these in Britain shortly. Virus detectives are dismantling one such program called "Nomenklatura", thought to have been written by this man. Security experts in Britain fear programmers in the Soviet Union may soon follow Bulgaria's lead. The Soviet Union has no copyright laws, and some sections of the software industry are already using viruses as a way to punish those who steal programs. One such virus displays the message "Lovechild in "Lovechild:in reward for stealing software" on the screen. Less than two years ago there were only 20 or so virus programs around, now there are hundreds. In Bulgaria a new virus appears once a week, Mr Clough says. Sandy