FEMA's 'Love' potion

The Federal Emergency Management Agency's remedy for the "ILOVEYOU" virus

running rampant worldwide was to limit the size of incoming and outgoing

e-mail messages at the agency's national firewall.

G. Clay Hollister, FEMA's chief information officer, said being aware of

the problem early and building that quick fix into the firewall helped limit

the severity of the virus' effect on the agency.

"Our enterprise security manager and national e-mail administrator learned

about it last night, and the first message with it arrived at about 8:30

this morning," Hollister said. "At 8:32 a.m., a throttle was built into

our national firewall that limited any messages in or out to 10K...since

they knew the message itself was about 15K."

Hollister said FEMA only had to shut down one of its 20 exchange servers,

which happened at 8:47 a.m., and the server was back up and running at 9:27

a.m. He said the firewall limits were taken off by 1:30 p.m., and only 145

machines were affected out of the agency's more than 3,000 machines nationwide.

FEMA used a patch from Symantec Corp., which the agency downloaded at about

10 a.m. The patch encapsulates the infected files so that even the 145 infected

machines are still operational, Hollister said.

"The smartest thing they did, and what made all the difference, was putting

that throttle in our national firewall at Mount Weather, [Berryville, Va.,]"

he said. "It stopped it from propagating in or out."


  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected