KIS,
I certainly think it is likely that, as you have speculated, Ebay has suffered from a case of worms. The timing of the outage on Thursday is too much of a coincidence to be ignored. I find it somewhat astonishing that E-bay management has not come out and said so in a forthright and public manner. Of course, omission of timely material information (except from 10K and other periodic reporting requirements) is no securities violation. But if the company has privately informed enquiring analysts that such in fact is the case, without issuing a general press release, such selective disclosure might be actionable.
I would imagine that EBAY does not wish to arouse fears of possible contagion among users, whether such fears might be rational or not. Parenthetically, I wonder what remedy, if any, for someone who catches an e-mail virus from a public company's computer assuming this company knew but did not disclose to users that it had such a virus.
June 15, 1999
Resilient Computer Worm Is
Continuing to Take a Heavy Toll
By JOHN MARKOFF
Computer researchers reported Monday that a virulent
computer program was spreading in a previously
undisclosed way, generating new reports of significant loss of
data by major corporations and individual computer users.
The Computer Emergency Response
Team, a government-financed computer
security organization based at Carnegie
Mellon University in Pittsburgh, said the
program could spread not only by
attachments to e-mail but also over local
corporate networks.
As a result, officials said, companies will
need to take more strenuous and
potentially costly measures to guard
against an attack, since computers can
be infected even if their users refrain from
opening suspicious e-mail attachments.
Indeed, if even one infected machine is
sharing files with other computers on a
network, the program will continually
attempt to infect those computers and to
erase files on otherwise protected
computers.
"There is a risk of continued infection,"
said Shawn Hernan, a researcher for the
response team. "If you install anti-virus
software," but do not cut off the ability to
share files while each individual computer
is disinfected, the program "continually attempts to reinfect"
computers in the network, he said.
The program, a type of computer infection known as a worm,
was initially detected early last week in Israel, where it is
believed to have originated, and spread to Europe and the
United States within two days. As it propagates from computer
to computer, it can destroy data along the way, preying
particularly on widely used Microsoft programs like Word and
Excel.
Although corporations and some individuals typically keep
backup copies of their data, it became evident Monday that the
worm could overcome even that precaution. Because the
program expunges the data within a file without deleting the file
itself, the backup copy may also turn out to be blank if the
infection is not detected quickly enough.
"There are a number of ways to make backup copies of data,"
said Dan Schrader, the vice president of new technology at
Trend Micro Inc. of Cupertino, Calif. "Computer users should be
careful not to back up in such a way that good data is directly
overwritten."
The danger of the program was underscored on Friday when it
destroyed data on the computer of the chief operating officer of
Trend Micro, the nation's third-largest anti-virus company.
Anti-virus executives said new reports of infection by the
program continued to filter in, though not at the rate of late last
week. On Friday, Network Associates, based in Santa Clara,
Calif., one of the nation's leading anti-virus software vendors,
said 60 percent of its 300 large corporate customers had
reported some computers infected by the program.
Other anti-virus researchers said that the 60 percent figure was
probably high for the national rate of infection from the worm,
known as Explore.exe for the file that launches it. Still, they said
it was likely to be as widespread as the Melissa program, which
infected about 19 percent of the nation's large corporations in
March but did not destroy files.
"Our sense as of Friday is that this program is so far less
pervasive than Melissa but more destructive," said Peter Tippet,
chief technologist of ICSA.net, a computer security research
firm in Reston, Va.
A recent survey by ICSA indicated that Melissa had caused
more than $393 million in damage in less than a week in the
United States.
All the major anti-virus companies said their products protected
against the new infection but not against the danger of file
erasure if an infected machine was connected to the network.
One of those companies, Symantec, said Monday that its
customers were starting to understand the scope of the
damage. "People are looking for their data," said Carey
Nachenberg, the company's chief anti-virus researcher, "and
finding that stuff they didn't even think about got destroyed."
Among the companies to have reported damage was the
Storage Technology Corporation, a computer storage company,
which had 100,000 files destroyed after the infection hit its
Colorado headquarters on Thursday afternoon. The files
represented 600 gigabytes of data -- roughly equal to the
storage capacity of 600 late-model personal computers. A
spokesman for the company said the infection had been
contained by Friday morning.
At the Boeing Company, officials
said Monday that the company's
e-mail network was shut down
from 3 P.M. Thursday until 3 A.M.
Saturday to guard against
spreading the infection.
The company reported some
loss of data, but said much of it
had been backed up.
"I'm sure that some people lost more or less important stuff, but
I'm not hearing that anything really critical got lost," said David
Suffia, a company spokesman.
Imagio Technology Marketing and Communications, a Seattle
public relations firm, was also affected last week.
Network Associates, the anti-virus software company, said its
call volume had declined Monday but was still double the normal
rate.
The company said that on Friday and Saturday 10 million
copies of its anti-virus software were obtained over the Internet,
six times the normal rate.
"Most of our enterprise customers have got it nailed," said Wes
Wasson, the company's director of security product marketing.
But he added that there were new infections at smaller
companies and reports of widespread damage in Eastern
Europe.
"Melissa showed us how fast viruses can propagate but didn't
have a warhead," he said. "This one detonates."
nytimes.com |
