Aug. 21, 2001 by Aspen C. Emmett Area school districts have caught a virus — a computer-generated virus, that is. According to Charlie Powell, technology director for the Southwest Board of Cooperative Services, the SirCam "worm" entered the schools’ systems in July via an untraceable e-mail and has spread throughout computers in a very mischievous and potentially embarrassing manner. SirCam has been classified as a "high risk" virus by (antivirus software manufacturer) McAfee risk assessment rating because of the damage it does to computers and the speed in which it spreads, Powell said. "It pretty much invaded the country in its first week," he said. Montezuma-Cortez, Mancos and Dolores school districts are all being affected by SirCam. Once the worm invades a computer, it rewrites the registry so that programs won’t work, Powell explained. Then, the worm randomly selects a file from "my documents" on the infected computer and sends it out to all e-mail addresses in the computer user’s address book. The e-mail, along with the random document and the worm, is sent out disguised as a message from the sending computer’s user. Most messages read "Hi! How are you? I need your advice" or a similar phrase, and include an attachment. (A Spanish-language version also exists, beginning, "Hola, como estas?") As soon as the attachment is opened, the virus is passed on, and the computerowner doesn’t even know any e-mails have been sent out. Re-1 superintendent Bill Thompson said the virus catches recipients off guard because it is sent from a familiar e-mail address. Thompson said he has received SirCam e-mails from school principals and fellow administrators. One such e-mail came from Director of Human Services Dave Crews’ e-mail. "The heading on his e-mail was ‘table bid’ and when I opened it, I got CSAP scores," Thompson said. "So nothing fits together." Perhaps the most damaging aspect of the virus is the randomly selected document the worm sends out to the e-mail addresses in the computer user’s address book. "It’s been a tad embarrassing for some people," Powell commented. "Highly personal information and confidential stuff has gone out in some cases." Within the school districts, sent documents have included test scores and teacher evaluations. And on a larger scale, very intimate correspondence was dispersed thanks to SirCam, Powell said in reference to rumors. "I heard through Fone.Net that one of their customers had a letter go out that was from a man explaining to his wife why he wanted a divorce." Powell said the schools were lucky because the virus hit during the summer when the majority of staff members were on vacation. "That teacher evaluation — we’re incredibly fortunate it happened when it did," he said. Additionally, for the purpose of ridding the system of SirCam, timing was important, Powell said. "I was very concerned that when teachers came back, it would get away from me." But Powell, who has been working day in and day out to restore the schools’ servers to normal, has succeeded in fighting the virus by searching the servers for ‘your advice’ and subsequently deleting more than 2000 related files. "It’s much better now," he said. "We’re down to finding about a dozen a day — we can live with that. "I was just tickled to death when I found a way to eliminate those off of the server so when teachers come back and check their mail, the virus won’t be there to pick it up." Thompson said though, that the district will likely require all school employees to delete all their e-mail from the summer as a precautionary measure. So far, Powell has had to restore more than 40 computers in the school districts and expects more problems to surface when school starts in September. The fiscal reproductions of the SirCam virus will likely be minimal to the local schools because Powell has been able to handle the situation within the district’s staff. But in general, viruses are very costly to the schools. This year Re-1 has spent approximately $16,000 in preventative virus software. "That was just ordered and being installed this fall and (SirCam) happened before that could be installed," Thompson said. Additionally, dealing with the virus has been very time consuming for Powell and administrators. "It takes any where from half an hour to an hour to get rid of it and get it rebooted," Thompson said. "And for Charlie Powell, that’s time he could be doing something else. It’s involved several days of his time so far. "I wish the people who are that ambitious to create the virus would use that to do something productive — they could do a whole lot more for us." Powell emphasized SirCam has effected computers nationwide and the general public can follow some simple preventative tips to avoid all destructive computer viruses. • Use a virus scan program and update it regularly. • Don’t open file attachments you are not expecting. • View all file attachments with caution — even those sent from someone you know. |
Copyright © 2001 the Cortez Journal.
All rights reserved. |