Vmyths.com

Hoaxes, myths,
urban legends

Columnists


Addictive
Update
Model

False
Authority
Syndrome


About us

Computer
security
humor

Truth about computer security hysteria
Truth About Computer Security Hysteria

Vatis responds

Rob Rosenberger, Vmyths co-founder
Monday, 10 May 1999


Michael Vatis, director of the FBI National Infrastructure Protection Center, responds to my open letter

FBI NIPC DIRECTOR Michael Vatis graciously addressed my open letter in a reply dated 30 April. Fairness dictates I quote his letter in verbatim and without comment:

Dear Mr. Rosenberger,

Thank you for your letter dated April 6, 1999, regarding our "Alert" about the "Melissa" macro virus. Letters regarding information disseminated by the National Infrastructure Protection Center (NIPC) serve as valuable indicators that we are reaching the American public who rely on computer networks for business or personal use, and also provide useful input that helps us adjust our warnings alerts, and advisories, to better serve the needs of industry and the public.

I would, however, like to address a few misperceptions in your letter. First, your letter referred to an unidentified report which claimed the FBI had joined forces with Network Associates to offer a $50,000 reward for information leading to the arrest of the perpetrator(s) in this matter. We have learned that Network Associates apparently did offer a monetary reward, but the FBI did not participate in this offer. As you know, in fast-breaking situations such as this, press reports may not be fully informed.

Second, your letter states that our Melissa alert was the first we have issued since our creation. In fact, NIPC has issued many warnings, alerts, and advisories. Some of these have been sent to government agencies and selected industry entities based on the nature of the incident or threat, and have not been relevant to the public at large. In addition, the NIPC has sent several alerts aimed at the general public when we judged the potential impact of malicious computer acts as broad based. This was the case with the Melissa macro virus. When the general public needs to be warned, our web page and the general media can play an important role in informing the American public during these fast-moving situations. Consistent with our mission, we use all appropriate vehicles to help ensure that the public understands evolving threat situations, their potential impact on computer or network operations, and preventive or response measures they may take to minimize damage or disruption. Besides helping the public when we issue an alert, we hope the public will respond with information that will help the FBI and state and local law enforcement agencies, often working together, to investigate potentially criminal dimensions of these events.

Third, your letter states that our alert appeared to be written in haste and without any procedures to guide it. In fact, though our alert was necessarily prepared with dispatch in order to contain the spread of Melissa and resulting damage, it was not written "in haste," and it was written and disseminated in accordance with established internal procedures.

Fourth, your letter asserts that the alert appears "almost political" in nature and that we seemed to "jump into Melissa's coattails" for "photo-op potential." I must respectfully but vehemently disagree. The purpose of the warning was to alert government agencies, businesses, and the public to a fast-spreading virus that could cause denial of service to e-mail servers and networks. Our warnings, disseminated by various means early on the morning of March 27th, were among the first issued by any entity. Our statements to the press on March 28th and 29th were aimed at getting word to the general public as people returned to work on Monday and opened e-mails with the potential of creating more damage. This is a core part of our mission, and is not "political" in any sense of the word.

Finally, in the process of developing alerts and other warning products, we coordinate our activities with the excellent efforts of such professional groups as CERT, CIAC, and FedCIRC. We will usually not issue an alert unless we have some unique information, special concern, or need to reach a less computer-literate audience than that which normally relies on the computer security community.

Again, thank you for your observations regarding our latest "Alert," and for your statement of support for our charter. Our goal is to pursue the NIPC mission to protect the critical national infrastructures, including keeping government, the private sector, and the American public informed of possible malicious intrusions and viruses that could seriously damage computer network operations. I hope this reply addresses your concerns and I encourage you to write me regarding any further observations or suggestions you may have on these matters.

Sincerely,

Michael A. Vatis
Director
National Infrastructure
   Protection Center