Computer Virus Update: Newer Strains Defy Experts
| PITTSBURGH
ONE of the world's most famous computer viruses will have its day in the sun on Monday.
It's the Michelangelo virus, which each year becomes active on the Italian artist's birthday. This will be the first time in three years that the birthday falls on a weekday, which means that many business computers potentially will be at risk from the software program, that, like other malicious viruses, can cause computers to lose their data.
But the big change this year is that the fear and hand-wringing that took place three years ago over the Michelangelo virus is largely absent today. The hype of 1992 appears to have stirred reactions both good and bad.
Home users at risk
Businesses have woken up to the threat and installed virus defenses. But many individuals -- especially home- and home office computer users -- have not.
''There is and has been a continuing adoption of antivirus techniques in businesses,'' says David Oldfield, a manager at Symantec Corporation in Cupertino, Calif. But ''the level of interest and knowledge on the part of home-office users is really pretty low.''
The result is that home computer users are potentially at risk, virus experts say, not so much from Michelangelo but from a variety of newer, stealthier, and more destructive programs.
Computer viruses are man-made software programs built to replicate. Often they jump from machine to machine through infected diskettes that are shared between users. Variants, called Trojan Horses, masquerade as legitimate programs waiting to be downloaded from electronic bulletin boards.
Computer users who download programs on-line or who exchange program disks with others are clearly more at risk than those who work only with software they buy at a store.
Many of the early viruses were more playful than destructive. They left funny messages or took temporary control of personal computers. They are also among the most commonly reported.
Form, an early and nondestructive virus, is 10 times more prevalent than the next nine combined, says Jon Wheat at the National Computer Security Association in Carlisle, Pa.
The newer breed of viruses often destroy files or render computers inoperable. They are believed to be written by an underground culture of young, mostly male, computer programmers.
One of the biggest virus threats today is called Natas -- Satan spelled backwards. ''We've been getting it from all over the world,'' says Peter Morley, a senior virus researcher for S&S International, an antivirus company based north of London.
Natas uses various techniques to hide itself. It is polymorphic, meaning that it takes on on a new look every time it invades a file. And it uses ''stealth'' technology to avoid detection.
Natas can infect programs on a computer as well as a machine's start-up software, sometimes tying it up in knots. The Natas virus was distributed by an American group called the Falcon Schism.
One-half, a difficult virus from Czechoslovakia, eluded detection by antivirus researchers for two months. It has been found as far away as Australia, Mexico, and the US, and the files it destroys are as yet irreparable, Mr. Morley says.
Growth leveled off
In all, S&S International estimates there are some 6,100 viruses and virus variants; 2,300 have appeared in the last 15 months alone. But the pace of the growth is steady, Morley adds, and not accelerating as it has in previous years.
Meanwhile, several antivirus companies are using a new detection scheme called heuristics. Instead of looking for the signs or ''signatures'' of virus activity, these programs look for virus-type code, explains Mr. Wheat.
In preparation for Michelangelo, virus experts suggest that users back up their hard disks and scan them with antivirus software before Monday. Symantec offers free anti-Michelangelo software that is available through the company, through CompuServe or America Online.
