Hoaxes, myths,
urban legends




About us


Truth about computer security hysteria
Truth About Computer Security Hysteria

Another publicity bonanza for mi2g

Rob Rosenberger, Vmyths co-founder
Thursday, 4 November 1999

mi2g founder D.K. Matai
mi2g founder
D.K. Matai

MI2G PULLED OFF another publicity bonanza centered around founder D.K. Matai. Let's begin with the first few lines from a story in London's Sunday Times:

British companies are being attacked by mystery hackers with a virus that dupes computers into thinking that the millennium has already arrived. The bug, which forwards internal computer clocks to January 1, 2000, is capable of crippling systems for up to three days, during which time valuable data can be stolen or wiped out. Security software experts have been called in to combat the threat posed by the virus. They believe it is capable of overpowering almost all computers, including Y2K-compliant systems which have been deemed ready for the rollover to the new millennium.

D K Matai, managing director of mi2g, a security software company which advises many of London's financial institutions, said: 'Hackers are causing chaos with this code because it can immediately shut down computer systems. There are not just financial risks to be considered; serious safety issues are also involved.' The virus, known as a clock-forwarding code, has been unleashed on companies in America and Europe. Experts have traced its origin to Bulgaria, Romania and Scandinavia but have been unable to identify the hackers.

Similar fearmonger stories appeared in both the Daily Record and ZDNet's British news outlet. Each came about thanks to mi2g's latest propaganda effort.

One perfectly timed press release begins: "on the eve of the mi2g software event on 'How to manage e-risk?' organised in conjunction with Reuters and First Tuesday, it was revealed that most of the serious electronic attacks taking place against financial institutions, multi-nationals and major on-line businesses are highly covert and seldom become public knowledge." Two days later, mi2g conveniently announced "two serious cases in October of clients being attacked" by hackers who set computer clocks forward to January 2000. Unnamed clients, natch.

mi2g's hysteria flies in the face of current Y2K preparedness assessments. Oddly, they don't seem concerned by their implication of global catastrophic failure in two months. mi2g only cares if the computing world dies before its scheduled demise on 1/1/2000. It's like hearing someone say "this death-row inmate needs a heart transplant." Seems kind of pointless, doesn't it?

Only mi2g can protect you from an unconfirmed virus which sets your clock two months ahead.
Remember: Y2K itself will set your clock to 1/1/2000 in two months.

A quick recap: mi2g turned into a computer security firm almost overnight this year. I surmise they didn't do so well after creating an "Internet paradigm shift" with a "breakthrough" concept known as, um, "lounges." mi2g's clock-forwarding fetish surfaced soon after Matai declared himself a renowned security expert.

So far as I can tell — I don't make this claim lightly — Matai apparently just decided Y2K will destroy computers if it arrives even one day too soon. mi2g claims they performed extensive date-forwarding tests, but no one I've encountered to date claims to have seen paperwork on it. The two or three other full-time employees (counting Matai's wife) probably just go along with his statements. He is the company's founder, after all.

In Matai's defense, I didn't ask him yet for a copy of the test results. I tried to learn about it from various clients highlighted on mi2g's website. That's another wild story, but we need to stay focused on the imminent demise of computing...

So let's talk about this über-Trojan in the Sunday Times story. I put out a general call to antivirus vendors for confirmation & details. The experts know of Matai, but no one knows about this malicious code. Sample comments from the field:

"No one at ICSA has seen it or know of anyone who has. It appears convenient that in the last weeks two unnamed companies have seen evidence of a type of code that Mr. Matai has been predicting to be possible for several months."
-- Larry Bridwell, Technology Program Manager, ICSA

"CARO has no sample of this trojan/virus, at least nobody from CARO say a word about it."
-- Eugene Kaspersky, AVP, Kaspersky Labs

"We have had no reports of the 'virus' D K Matai of mi2g has been telling the press about. We did, however, receive calls from the media who were thinking of writing the story. We were able to point them to our 'Is there a Y2K virus problem?' white paper, which mentions D K Matai's previous predictions."
-- Graham Cluley, Sr. Technology Consultant, Sophos

Conclusion? Only mi2g can protect you from an unconfirmed beast which sets your computer clock two months ahead. Beg them for help and pay Matai any price if you value your personal safety.

mi2g doesn't seem concerned by their implication of global catastrophe in two months. They only care if the computing world dies before its scheduled demise on 1/1/2000.

Oh, and remember: Y2K itself will set clocks to 1/1/2000 on New Year's Day. Enjoy the Internet and your personal safety while it lasts.

PARDON ME WHILE I rant about the "inverse problem" of accuracy. The more I strive for it, the more I get critiqued for minor things. (One person noticed I said "acronym" instead of "abbreviation" in my 28 Oct opinion.) On the other hand, mi2g can get away with all sorts of wild claims because they don't strive for accuracy.

Editors sometimes reject me as a source because I won't tell reporters where I work, let alone speak for my employer. The media prefers to quote sources with corporate credentials. Answer: D.K. Matai. Editors embrace him because he founded a corporate entity with professional office space and slightly more than one full-time employee. (The media likewise once embraced John McAfee, founder of McAfee Associates.) Hey, you can take Matai at face value — after all, a British knight serves as his company's chairman.

I could do what Matai does, you know. I could easily launch www.infowar.nu. I just need to incorporate myself, offer the chairmanship to a respectable businesswoman, rent office space, hook up a T1, let my wife play secretary, then print letterhead for the "Securität Intelligencia Directorate" within my firm. I could claim I worked on top-secret information warfare programs for NATO. Yeah, that's the ticket! How many people can say they've been to CIA headquarters? (True! My cab driver pulled up to the gate to ask for directions.)

I could lead reporters to think I have access to classified White House documents. I could make them believe I know all about the cyber war in Kosovo. " 'That's what Area 51 was built for,' Rosenberger asserted. 'Not alien autopsies, but computer armageddon.' "

Hang on while I advance my laptop to 12/31/99 at 11:59:55pm. 4,3,2,1... Hmmm. It clearly says "Saturday, January 01, 2000" when my mouse hovers over the system tray. My active-matrix panel didn't even flicker. Oh well: I probably just didn't do it right. Maybe if I go back in time? Hmmm. Same nothingness. I wish I knew how mi2g conducted their experiments.

Hey, waitaminit! Do you think curious users at those two companies set computer clocks ahead just to see wha... Nah, only a hacker or a trained professional would conduct such a dangerous experiment. Forget I said it.

I could do what Matai does, you know. I just need to overcome one pesky little obstacle...