Feds shine during 'Melissa' scare
The outbreak of the "Melissa" e-mail virus that first appeared as certain disaster for public and private networks alike instead emerged as an invaluable test of federal agencies' readiness to handle the dangers inherent in a networked world.
Melissa spread quietly and rapidly through a number of agencies that use Microsoft Corp. word processing and e-mail software, even infiltrating a highly secure Defense Department network. But IT administrators across government responded with impressive alacrity. As soon as they became aware of Melissa, IT administrators began filtering their e-mail to catch the virus, downloading software to fix the virus and even shutting down their own e-mail servers if needed to limit its spread.
To some extent, agencies had it easy. While the virus can compromise the security of desktop software and even electronic documents, the virus does not appear able to corrupt or erase end-user data or applications. Still, Melissa has the ability to proliferate at an unimaginable rate, so the outbreak required immediate action by agencies to limit the disruption of their e-mail services and to prevent the virus from spreading to other servers.
In most cases, the rapid response reflected careful planning that went into developing action plans for dealing with such outbreaks. Not only did agencies have plans in place for dealing with the technology, but the larger agencies had channels in place for alerting widely distributed and remote offices.
And two governmentwide organizations, the Computer Emergency Response Team and the Federal Computer Incident Response Team, played a vital role in alerting agencies to the problem and the potential solutions. Like a squadron that performs well in battle, the government's response to Melissa speaks well of the training and planning that has gone on for years.
Many believe Melissa is a harbinger of more numerous and damaging viruses and other malicious electronic attacks to come. While it is impossible to foresee what form these attacks might take and what damage might be done, Melissa's brief visit serves as a reminder of the ever-increasing importance of security in an agency's overall IT plan. As long as agencies continue to maintain their readiness and a high state of alert, they will be as prepared as humanly possible for future threats.