Reflecting on ILOVEYOU.
By Glenn Ambler
Back in 2000, I worked as a fresh-faced security consultant for Vertex Data Science. I was interviewed about the impact of the ILOVEYOU virus. And, was asked what advice I would offer to others in dealing with this kind of threat. Having given my response to my surprise, the author kindly promoted me to manager.
What was ILOVEYOU
For those too young to remember, ILOVEYOU, was a computer worm that infected over ten million Windows personal computers in May 2000. It started spreading as an email message with the subject line “ILOVEYOU” and the attachment “LOVE-LETTER-FOR-YOU.TXT.vbs.
The person behind ILOVEYOU came up with an ultimate social engineering trick – how can anyone ignore a file with the name “I love you”?
An e-mail spam was sent on behalf of the victim to their address book, it also downloaded a Trojan program that sent the passwords for mail and internet access to the malware’s creator. Finally, it deleted, hid, or corrupted files on the hard drive: music in MP3 format, JPEG images, various scripts, and copies of web pages.
My job back then…
Most days, I could be found wrangling the corporate firewall or doing risk assessments on billing and industrial control systems. I’d spent the previous year doing a lot of Y2K preparation. However, in early May 2000, I was the lucky person to pick up the phone to be told “I think we’ve got a problem….”. It was my incident to run; while my boss (Hi Mark!) provided top cover, others in the team started pulling apart the VBS file, calls to AV vendors, and contacts in the industry ensued, and it was quickly realised that this was something new.
The article picks up the story from here…
My top tips were:
- Never open attachments that come from emails with an unknown source. If in doubt, check it out with the security desk.
- Never reply to suspicious emails.
- Don’t visit dodgy websites as it could pose a risk, and it’s likely to be discovered and disciplined.
- If you think virus signatures on your machine may be out of date, contact your service desk.
- If you inadvertently open a virus-infected attachment, contact the service desk right away and follow their instructions to the letter.
- Never insert “unchecked” floppy disks in your machine.
- Always keep a backup of essential data.
Okay, I grant you point 6 is a bit of a giveaway to the era! And, yet I was surprised looking back that despite both the increase in sophistication and the volume of threats, the advice largely still stands.
How much has changed?
Aside from a few giggles around the office when I shared the attached article, which was mostly hair related, I got to thinking about how much and yet how little has changed in 24 years. But I’m thankful there is an even greater focus on CNI and protecting personal data.
If you’re heading to CyberUK this month, drop by stand G1 and have a chat about your cyber security memories and challenges. Hope to meet you there!
Contact us to find out how we can help with a tailored approach to your security monitoring.
