Security Companies Quickly Defeated Kournikova
- By Scott Bekker
- February 23, 2001
Apparently Anna Kournikova – the virus – had even less
success than its namesake did on the pro tennis circuit this year.
Within hours of its release, the Anna Kournikova worm had
been counteracted by dozens of widely available patches from many of the top
security vendors. Sophos Anti-Virus,
Norman Data Defense Systems, Microsoft, Trend Micro Inc., and Panda Software
were among the first to release patches.
The worm itself was barely harmful. A simple VBScript that
simply forwarded itself to every address in an infected user’s Outlook mailbox,
the virus, known also as VBS/SST-A or VBS/Onthefly, also set the infected
user’s Web browser to point to a site in the Netherlands on a certain date.
While the virus itself did little damage other than
mischief, it is part of a growing trend of viruses spreading through insidious
psychological means. The Anna Kournikova virus was “probably the biggest virus
incident since [the] Love Bug,” according to Graham Cluley, senior technology
consultant for Sophos Anti-Virus. The Love Bug appealed to users’ emotions,
while the Kournikova worm had users’ more prurient interests in mind.
“This virus is the latest to exploit psychology to aid its
spread amongst gullible users,” said Cluley. “Our message to computer users is
simple – think with your brain, not with your groin.”
A virus that plays on (mostly young male) techies’ penchant
for looking at online pictures of Anna Kournikova may seem like a mostly
harmless prank, but the Kournikova worm is just the latest to cost
organizations around the world money, time, and resources. A report by Computer
Economics Inc. determined that the economic impact of virus attacks on systems
around the world was $17.1 billion in 2000, with the Love Bug alone costing
organizations $8.7 billion in network downtime, disinfection, and lost
“Unfortunately, there’s no silver bullet for security,” said
Tim Kinnear, president and CEO of Intrusion.com,
a network security vendor. “You can’t deploy a one-shot solution and think you’ve
solved the problem.”
Dozens of security teams, as well as law enforcement
officials, helped to quickly quash the virus and its author, a Dutch hacker
known as On the Fly. The 20-year old hacker was arrested on February 14, and in
a statement on the Internet, reiterated what security professionals have stated
all along, albeit in a backhanded manner: “But after all: It’s their own fault
they got infected.” In a related incident, the author of the Vbs Worm
Generator, the virus authoring tool used to create the worm, removed the
application from his Web site.
“A feeble excuse on the Internet for why he did it won’t
help the thousands of users who were infected by this virus,” said Cluley. – Isaac Slepner
Scott Bekker is editor in chief of Redmond Channel Partner magazine.