This month we celebrate or shall we say we remember one of the world's most dangerous computer related disasters created by a Filipino student from AMA University. I made a thorough research with this particular event in the history of computer, and this got my attention. World’s well-known media as well as top security providers can testify to the chaos brought by this “ILOVEYOU” virus.
It all started in the Philippines when 24-year-old Onel De Guzman released a virus that he had proposed creating as part of his undergraduate thesis. The attack happened on Thursday, May 4th 2000 and this make the Philippines mapped in the history of computer. Although it was an unfortunate event, it is still something we should be proud off.
The first encounter
Ten years ago today, a young Filipino computer student made history by unleashing the world’s first global Internet-borne virus. Known as the Love Bug, the virus spread from East to West in a single day, inflicting $5.5 billion in damages, corrupting files, and shutting down computer systems at major corporations, newsrooms, Wall Street firms and government offices across the world, including the Pentagon and the CIA.
Based on the blog written by Graham Cluley, it was rapidly becomingly the biggest computer virus outbreak the world had ever seen. Media reports from the time claim that the CIA, Ford and the British Parliament were amongst the many organizations affected.
The key part of the virus was not any technical trick but the wording of the subject line - ILOVEYOU - and its attachment LOVE-LETTER-FOR-YOU. Few could resist opening the attachment which kicked off the attack code that then plundered their e-mail address list and sent itself to every name it found. In 2000, many people did not have any security software and even those that did only updated the signatures of known viruses once a month.
The Love Bug
The Love Bug, also known as ILOVEYOU, LoveLetter or VBS/LoveLet, spread itself via email using the subject line "ILOVEYOU" and the message body "Kindly check the attached LOVELETTER coming from me".
Attached to each email was a file, LOVELETTER.TXT.VBS, which used a double extension to try and hide that it was a Visual Basic Script rather than a text file.
There was nothing particularly clever about the Love Bug's code that explained why it had spread so widely so quickly - the reason for its "success" was that it had tapped into a universal need: the desire to be loved.
If you received the email from that cute girl in the accounts department, you'd open it. After all, who doesn't want to be desired? If you'd received it from your 300lb boss with a walrus moustache you'd even open it - after all, it's probably a funny joke, right? Even if you were in a loving, stable happy relationship - simple curiosity would probably have meant that many of us would have found it hard to resist investigating further.
And even if you didn't speak English you would probably open it. After all, "I Love You" are probably the most recognized words in the English language even amongst those who have never met an English speaker.
With the virus spreading around the world, the hunt was now on for its author.
The Creator
In 1999, Onel de Guzman, a student at the AMA Computer College in the Philippines, submitted a thesis proposal for a program that would steal usernames and passwords from other computer users in order to save money when accessing the internet.
De Guzman's proposal (seen above) was rejected by the college's academic board for advocating illegal behaviour. If Guzman had listened to his teacher's advice, maybe the world would never have heard of the Love Bug.
But, as it was, on May 4th 2000 (the day before his graduation day) a worm following Guzman's blueprint spread rapidly across the globe, attempting to forward passwords to email addresses in the Philippines.
Because it was a Visual Basic Script (VBS) virus, the Love Bug's code was plain to see - even by people without any experience of analysing viruses. Indeed, within a day of the initial worm's spread a number of copycat viruses had also emerged.
However, in its code was a clue to the Love Bug's origin:
rem by:spyder / ispyder@mail.com / @GRAMMERSoft Group / Manila,Philippines
Data sent by the worm to the mail.com email address were forwarded to spyder@super.net.ph and mailme@super.net.ph, two Filipino addresses that were buckling under the pressure as information was stolen from victims' computers worldwide.
The Aftermath
On 5 May 2000, two young Filipino computer programmers named Reonel Ramones and Onel de Guzman became targets of a criminal investigation by agents of the Philippines' National Bureau of Investigation (NBI). Local Internet service provider Sky Internet had reported receiving numerous contacts from European computer users alleging that malware (in the form of the "ILOVEYOU" worm) had been sent via the ISP's servers.
After surveillance and investigation by Darwin Bawasanta of Sky Internet, the NBI traced a frequently appearing telephone number to Ramones' apartment in Manila. His residence was searched and Ramones was arrested and placed on inquest investigation before the Department of Justice (DOJ). Onel de Guzman was likewise arrested in absentia.
At that point, the NBI were unsure what felony or crime would apply. It was suggested they be charged with violating Republic Act 8484 (the Access Device Regulation Act), a law designed mainly to penalize credit card fraud, since both used pre-paid (if not stolen) Internet cards to purchase access to ISPs. Another idea was that they be charged with malicious mischief, a felony (under the Philippines Revised Penal Code of 1932) involving damage to property. The drawback here was that one of its elements, aside from damage to property, was intent to damage, and de Guzman had claimed during custodial investigations that he may have unwittingly released the worm.
To show intent, the NBI investigated AMA Computer College, where de Guzman had dropped out at the very end of his final year. They found that, for his undergraduate thesis, de Guzman had proposed the implementation of a trojan to steal Internet login passwords. This way, he proposed, users would finally be able to afford an Internet connection. The proposal was rejected by the College of Computer Studies board, prompting de Guzman to cancel his studies the day before graduation.
Since there were no laws in the Philippines against writing malware at the time, both Ramones and de Guzman were released with all charges dropped by state prosecutors. To address this legislative deficiency the Philippine Congress enacted Republic Act No. 8792, otherwise known as the E-Commerce Law, in July 2000, just two months after the worm outbreak. In 2002, the ILOVEYOU virus obtained a world record for being the most virulent computer virus at the time.
Reference: http://en.wikipedia.org/wiki/ILOVEYOU
Author’s point of views: I am also a proud AMA student and I cannot deny the fact that I am his fan. I love the logic of hacking, as they say hackers are cool! Unfortunately, the reality speaks the other way around. One thing I realize about this unforgettable event is that programming can, and will change the face of the universe.
Post a Comment
Your comment is as valuable as my post. We would like to hear it from you.