Hoaxes, myths,
urban legends




About us


Truth about computer security hysteria
Truth About Computer Security Hysteria

Virus writers like to walk on stilts, I guess

Rob Rosenberger, Vmyths co-founder
Wednesday, 23 June 1999

ANOTHER PRESS RELEASE from mi2g (remember them?) warned of a financial computing catastrophe on 18 June. A verbatim quote:

There is mounting evidence that Cyber Warfare attacks will take place across the world by anarchists and date programmed viruses on June 18. The attacks on computer networks of financial institutions and multi-national corporations are part of an international day of action against businesses, to coincide with the G8 meeting in Cologne. Businesses head-quartered in the following countries are likely to be the key targets - USA, UK, Germany, Canada, Australia, France and Japan. Corporations and financial institutions located in London, New York and Frankfurt in particular are hereby advised to "batten down their hatches" by scanning all incoming e-mail and checking for intrusions continuously right through the weekend. If any machines behave erratically, they should be disconnected from the network immediately and checked for any tell tale signs of abnormality.

Unnamed anarchists will exploit unknown vulnerabilities in firewalls in order to trigger undetected viruses in financial computers around the world...

Date-activated computer viruses will trigger when the G8 meets in conference? Anonymous über-terrorists wait with bated breath to destroy the financial world with the push of a button? Antivirus firms with years of PR experience don't know enough to issue their own media alerts? Man, this comes right out of an Ian Fleming novel.

mi2g's press release quotes managing director D.K. Matai: "Break-ins on June 18 are not just for profit or industrial espionage. The hacking and virus attack disruptions are specifically to achieve maximum media exposure." Mind you, mi2g paid a PR firm to give this press release "maximum media exposure." Those PR folks do a pretty good job at it — NPR now treats mi2g as a credible source. Another interesting tidbit from the same press release:

The Security Intelligence Products and Systems (SIPS) division of mi2g stated today that business organisations should in particular watch out for the following problems over the coming 72 hour window:
  • Holding Data Hostage to demand payment for the release of critical knowledge
  • E-Mailing of virus attachments in benign looking wrappers
  • Remote commands to trigger embedded viruses via open ports and holes in firewalls
  • Denial of service attacks and network vandalism

Bullet #1 strikes me as odd because I fully expect a terrorist to destroy data, not hold it hostage. How would you hold data hostage, anyway? Bullet #3 strikes me as odd, too. Why does some guy sitting at a computer need to push a button to trigger a payload halfway around the world? Why not just program the virus to trigger appropriately?

Bullet #2 makes me yawn. Countless AOL users get duped every day into running malicious attachments sent in benign looking wrappers. Melissa and ExploreZip used this age-old trick... Bullet #4 makes me yawn, too. The media regularly reports denial-of-service attacks and website vandalism. We've seen this kind of stuff for years. Why should 18 June break from the norm?

I scratched my head while reading mi2g's latest press release. What do they hope to accomplish? Do they just want to build up name recognition with the media? Did the financial world collapse on 18 June as mi2g feared? I went on a search for more news clippings — and uncovered an important piece to the puzzle.

Heed mi2g's warning! Dangerous hackers organize carnivals and street parties to protest capitalism. "Step right up, pimple boy! Let me guess your password for a dollar!"
How do you know it's a hacker carnival? The rides use RS-232 cables as safety straps.
Where does a hacker carnival take place? In his parents' basement, of course.

Australian Associated Press reporter Barbara Adam filed a newswire on 16 June warning "Australian companies could be targeted by computer hackers this Friday as part of an international day of action against big business." Byron Collie, a member of Australia's national police computer crime team, delivered this warning at a computer security conference two days before mi2g issued a press release. Adam's newswire focused on the hacking aspect even though Collie said "examples could include picketing, street parties, leafleting, rallies, marches, strikes, carnivals, hacking, blockades, whatever."

You can't fault a cub reporter for focusing on hacking. Common sense would tell Adam to ignore pie-in-the-sky calls for pickets, strikes, blockades, leaflets, marches, rallies, street parties, and carnivals. This leaves only two things: "hacking" and "whatever." Only an experienced reporter would know how to cover the "whatever" angle.

Too bad Adam didn't do some research before filing her story. I visited the protestors' website and found something quite different from what the fearmongers implied. I saw no blatant cries for violence — neither physical nor electronic. If you know West Berlin's recent political history, you'll find similarities between this group and yesteryear's "Alternative List."

Australian cyber-cop Byron Collie, AAP cub reporter Barbara Adam, and mi2g flunky D.K. Matai fear a loose-knit group of people who hold jubilees for a better tomorrow. Stilt walkers, musicians, and puppeteers threaten the world with deadly computer viruses. Even worse: hackers organize fun carnivals as a cover for their diabolical plot to inject those viruses into critical banking systems.

If this group wanted maximum media exposure, they certainly got it.