The Virus Industry

BROOKE GLADSTONE: The year is still young, but computer hackers are already hard at work crashing our hard drives and clogging the net with worms and viruses. The latest outbreak, "Mydoom," has already wormed its way into half a million computers worldwide. Writer Clive Thompson traveled around Europe and cyberspace talking to the masterminds behind some of the world's worst virtual viruses for an article in this week's New York Times Magazine, and he says that many of them are just what you would imagine -- bored, tech-savvy teens.

CLIVE THOMPSON: Definitely the younger ones I would say are very bored. I mean some of these kids I talked to, they're out in like 600-person towns in the foothills of Austria, and there is nothing to do. I wandered around a little bit with them. I'm like -- if I lived out here when I was a teenager, I'd be doing something online.

BROOKE GLADSTONE: Did you find one over thirty?

CLIVE THOMPSON:No. They do exist. The ones I talked to were all the ones that are very active in the scene. What tends to happen, if you talk to psychologists who've studied virus writers, is that they age out the same way that, you know, if you had a troublesome teenager who was, you know, breaking curfew or experimenting with drugs, they age out of that.

BROOKE GLADSTONE:And you describe the scene, and I love your words -- you say "It's oddly gentlemanly, almost like the amateur societies of Victorian Britain." What did you mean?

CLIVE THOMPSON: Well what I meant is that, you know, if you go back to Victorian Britain, science was very much an amateur's game. People would get together at the end of the day, and they would exchange papers on things in a sort of an attempt to prove what they had to say and to contribute in this very sort of public-minded way to the furthering of knowledge. And these guys work in a very similar fashion. They're motivated, yes, by a desire to sort of be kind of rebels, and yes, by boredom, but also because there is this very big community of them, hundreds or even thousands of them, and they all want to impress each other, and they all want to see if they can discover a new technique that no one else has discovered. And then when they've discovered it, they really want to share it with everyone else. They want other people to use it.

BROOKE GLADSTONE: But they don't all want to wreak their virus upon the computer world. Some of them do.

CLIVE THOMPSON:Yeah. There are a lot of very weird ethical gray areas in virus writing. The smartest guys know that the cops have it in for them. They know that if they are caught releasing a virus -- "into the wild" is what they call it -- then it could be traced back to them and they could get thrown in jail. So they don't release 'em. They stopped doing that a couple of years ago, the most talented ones. They'll just put it up on a website. The way they figure is at that point in time, their responsibility is over. If some miscreant, some teenage rebel or even a terrorist, you know, decides that they want to use it to actually wreak havoc, that's actually probably how a, a number of viruses come into circulation, is that these things are left lying around, and--

BROOKE GLADSTONE: And most of these perpetrators, not the inventors--

CLIVE THOMPSON: Yeah--

BROOKE GLADSTONE: -- but the people who actually send them into the wild, are called "script kids?"

CLIVE THOMPSON:"Script kiddies." It's, it's a derisive term that comes out of hacker culture. The idea being that a "script kiddie" is someone who doesn't really know how to program but wants to pretend that they're a fearsome hacker. And so they go around, and they find tools or code that is, you know, again freely available on, on hackers' websites or on virus writers' websites, and they maybe fiddle with it a little bit, they put their name on it -- you know, I am Lord Anarchy or something like that, and they're the ones that set it loose. Cause often they don't really understand the damage it could do, or they just care less about getting caught. There are virus writers that do release their own viruses where the laws are not prosecuted very carefully, the police don't care. So there's guys in, in Malaysia, there's guys in the Philippines, there's some guys in Russia -- they're in the minority, but those are the ones that are probably even a little scarier, because they have the means and the will to do it.

BROOKE GLADSTONE: You said that 2003 was the year of the worm. What's the difference between a worm and a virus?

CLIVE THOMPSON:Well, a virus is essentially a little program that arrives usually in email, and it only starts doing its dirty business if you click on it. You have to double-click on that attachment in the email. As soon as you do that, it reaches inside your computer and it adds new commands to the operating systems so that, say the next time your computer starts up, it'll see those commands there, and it'll think well, this is something I ought to do, and that could be something as benign as pop up a little message saying, you know, it's the virus writer's birthday. Worship me. [LAUGHTER] Or it could erase your hard drive. Or it could scavenge data and mail it off to the virus writer. A worm is a little bit different, because a worm generally can spread without you needing to click on anything. It travels by finding a vulnerability in the computer, sometimes in the operating system, almost like a little hole or a gap, and exploiting that. Worms are a little more dangerous in some respects because although they don't necessarily always affect your computer, they propagate so quickly, because they don't need human assistance, they can brown out the internet, almost like the way that air-conditioners, if a lot of them are on at once, can brown out the power grid.

BROOKE GLADSTONE:So let's look back at the evolution of these things. You quote somebody in your article that compares the early viruses to Ebola and the more modern ones to AIDS.

CLIVE THOMPSON: When viruses first came around, in the late '80s and early '90s, people were interested with doing a bunch of very dangerous things --like erasing hard drives, and what people realized that those viruses don't always spread very well, because they kill off the host. It's like Ebola. Why has Ebola never raged out of control, really? Well, because by the time it infects the entire village, it doesn't have time to spread anywhere else, because it kills everyone in 3 days. There's no one left alive to walk to the next village. Same thing with computer viruses. If you destroy someone's hard drive, the virus can't spread anywhere else. The new viruses -- the Mydoom's or the Sobig's -- they're like stealth viruses. They're designed to get on your system and do their dirty business without you ever noticing they're there.

BROOKE GLADSTONE: So that is the current wave of deadly virus. You look ahead to even deadlier ones.

CLIVE THOMPSON:Sure. I mean the, the fact of the matter is, because there's so much of this computer code out there that's freely available, it's almost like Lego bricks. You know, you could go out there yourself and just take some of this code and compile it into a new breed, add a new illicit idea of your own. Criminals, literally organized criminals, are behind some of the big worms of the last year. They take worm technology and they use it to infect your computer with things that are like key loggers.

BROOKE GLADSTONE: And what are those?

CLIVE THOMPSON:Well, a key logger logs records of every keystroke on your computer, so it can capture all your passwords, if you type in your banking information, it would capture that, anything in your email, and then it emails it off to an email box for the worm author so they can do identity theft. They can steal your credit card.

BROOKE GLADSTONE: What does the average computer user do to protect themselves against viruses and worms?

CLIVE THOMPSON:The first thing they could do is just never click on any attachment that arrives in your email box unless you were already expecting it from someone. I have had virus writers tell me -- if people didn't click on these attachments, that would pretty much kill our entire scene. [LAUGHS]

BROOKE GLADSTONE:But some of those attachments come from people you know, or appear to come from people you know, because they're being sent through other people's mailboxes.

CLIVE THOMPSON: That's right. Unless your friend has told you - I'm going to send you something in a few minutes - don't click on it.

BROOKE GLADSTONE: Nobody's going to do that.

CLIVE THOMPSON: Ah, that's the-- Well, you see the virus writers are students of human frailties, and all of them basically to a one would say yeah, sadly, our discipline is contingent upon the idiocy of the average person. [LAUGHTER] So fundamentally what you're left with is, you know, really make strong examples of anyone you can catch spreading these things -- try and scare people off. I actually think it does work, because if you look at the U.S., there is much less activity amongst virus writing scenes, because they're afraid of getting busted. As more countries get serious about this, it could potentially start to diminish the amount of viruses we see around. I doubt it could ever be gotten rid of entirely, because there's a very large global supply of bored teenagers, [LAUGHTER] basically, and that's not going anywhere.

BROOKE GLADSTONE: Clive, thank you very much.

CLIVE THOMPSON: Thank you.

BROOKE GLADSTONE: Clive Thompson wrote about the virus underground in this week's New York Times Magazine.

copyright 2004 WNYC Radio

Produced by WNYC Studios