New macro viruses infect agencies

Federal computer users are being threatened by malicious new "macro" viruses involving Microsoft Corp.'s Word and Excel programs, prompting agency warnings about potential widespread damage.

First discovered last summer, these viruses have already hit Energy Department and other government facilities. DOE's Computer Incident Advisory Capability (CIAC) last month issued a warning on the Internet stating that macro viruses "are no longer an isolated threat, but they are a significant hazard to the information on a computer."

Macro viruses are "affecting government sites in mass infections," said Sean Nadeau, director of technical support for North America for anti-virus software vendor Thunderbyte Inc. "We're not getting calls [about] one document infected. It's...a hundred documents infected."

Nadeau said the impact of these virus attacks has been great. "It's very time- and money-consuming for the sites that are infected because the amount of sharing of electronic documents means that there's a faster possibility of the virus spreading."

Traditional viruses attach themselves to program files or boot records, but the macro viruses attach themselves to documents that contain small, executable programs written in platform-independent languages. Macro viruses are executed when an infected document is opened (see box, page 61).

Particularly vulnerable to these viruses are documents written in Word 6.0 and Excel, two popular packages in the federal market. Platforms affected include Microsoft's Windows 3.1, Windows for Workgroups 3.11, Windows 95, Windows NT and the Macintosh operating system.

"I would anticipate macro viruses becoming a major problem this year," said Ken Rowe, senior security engineer at the National Science Foundation's National Center for Supercomputing Applications. "It's going to take a while for everyone to become aware of them and to get the tools to deal with them in the right way."

To avoid getting infected, users must run a virus scanner over Word and Excel documents before opening them, just like they scan executable files before running them.

"People are used to scanning for viruses in programs. But people aren't used to having to scan documents every time they get them," said Bill Orvis, a computer security specialist with CIAC.

"Users need to learn "that you can get a virus from clicking an icon on the Web, opening a spreadsheet or displaying a graphics file," said Eugene Spafford, head of the computer operations audit and security technology lab at Purdue University.

In the case of Word and Excel viruses, Microsoft has already issued a protection template. Users can find it by connecting to http://www.microsoft.com and using the search command to find "macro virus." Anti-virus software vendors have responded with updated versions of their packages.

"We now offer the capability to scan for macros and to clean them," said Lee Taylor, vice president of sales and marketing for Norman Data Defense Systems Inc. "We saw a jump in sales among federal customers for our anti-virus software in February, and we believe that one of the drivers of that was the increasing occurrences of the macro viruses," said Mary Engstrom, general manager of the anti-virus group at Symantec Corp., which is posting free scanners for macro viruses starting today at http://www.symantec.com.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.