The most recent computer virus epidemic to make the rounds on the Internet caused Lawrence to restrict outgoing e-mail from its network but caused no permanent damage. Novarg, more commonly known as MyDoom, is actually a mass-mailing worm that propagates by sending itself to the other e-mail addresses found on an infected computer. It also has the ability to use an individual’s Internet-connected computer to direct denial of service attacks against a specified domain.
Robert Lowe, Lawrence University’s Network Manager, noted that the virus affected no Lawrence-owned computers due to daily virus definition updates, which prevented them from becoming infected.
Lowe noted, however, “many student-owned computers are susceptible to viruses if they do not have up-to-date anti-virus software, because the viruses are not stripped out of e-mail messages before they arrive in their inboxes.” Had these students been using anti-virus software, which is required by the network usage agreement, they would not have been infected.
The agreement is not strictly enforced. As Lowe notes, “it’s obvious that many students ignore this, even though we offer anti-virus software to them without charge.” The Lawrence site with anti-virus information and a link to download Norton is http://www.lawrence.edu/dept/computer_services/av.
Although there is no sure number regarding the number of affected student computers on the Lawrence network, the number was probably significant. After restricting outgoing SMTP (simple mail transfer protocol) connections from the Lawrence network, there were 10,000 blocked connections within the first hour. This, according to Lowe, “greatly limited the spread of the virus from Lawrence.” The only negative side effect of this restriction was that it required a small number of students who send e-mail through an outside ISP mail server to reconfigure their settings.
As far as the cost to Lawrence caused by this virus, no monetary assessment was made, but Lowe notes, “We did experience some lost productivity.” He reiterated that if all students had updated anti-virus software this loss would be essentially eliminated.
Lowe noted that several methods of virus prevention had been tested in the past including vulnerability scans of student computers, which resulted in the forced patching of almost 200 computers. This did not detect already infected files. Another system designed to identify infected computers proved to require too much technical support to be feasible. Lowe states, “We may have to be tougher to ensure compliance with our existing policy.”
Worldwide the MyDoom virus could cost businesses $250 million, according to a CNN article. SCO and Microsoft, two companies that were targeted in the denial of service attacks by MyDoom, are each offering a $250,000 for information leading to the capture and conviction of the author of the virus.