"I remember at the time seeing various news reports linked to the unintended side effects that came from its reach," he continues, "systems down due to overload or turned off simply to prevent infection." Post-ILOVEYOU, Day says that prevention strategies changed.
"ILOVEYOU leveraged emotions in a whole new way as part of a cyber-attack," Day told me, "both via our want to be loved, and also by tricking people into a false sense of trust, as the likelihood was that the ILOVEYOU email was from someone you knew, when actually victims’ contacts lists were being stolen to spread the virus."Ĭombining this and its mass mailing capabilities with the fact that the concept itself was still young at that time, Day explains this meant it spread faster and broader than an attack had ever spread before. Greg Day, CSO (EMEA) at Palo Alto Networks, says that ILOVEYOU caused a fundamental shift in the cyber-threat landscape for a number of reasons. It changed how we viewed the internet, and marked the first time we had to be more careful when looking at email or exploring the web." MORE FROM FORBES Hospitals On COVID-19 Frontline Facing 'Double Extortion' Cyber Threat By Davey Winder ILOVEYOU caused a fundamental shift in the cyber-threat landscape
"For myself, and many others in the information security field," Childs says, "the LOVEBUG was our first experience with malicious code and the impact it can have on the world.
"The LOVEBUG was the first malware I remember the media talking about,” Childs told me, "in Winnipeg, the day of the initial spread and for days after, the personalities on the radio were discussing this new worm that was causing problems all over the globe." Only a child at the time, he didn't appreciate the full impact of that event until some years later. The advice that an educated user is the best defense against the threats that most organizations have still rings true today. They pose a larger risk for personal computers which tend to have fewer protection features and are often used by non-technically-oriented people," the advisory warned. "Viruses can spread quickly and can cause extensive damage. Childs was able to find a Community Emergency Response Team (CERT) advisory document dated September 22, 1989, some eleven years before the ILOVEYOU infection, that warned of the dangers that viruses and worms could pose in general and offered mitigation advice.
MORE FROM FORBES This Surprisingly Simple Email Trick Will Stop Spam With One Click By Davey Winder Looking back to the archives reveals historical warnings about global virus dangersĬolin Childs, the senior security architect at Octopi Managed Services, has helped compile an historical hacking archive aimed at security researchers and members of the broader infosec community. As well as overwriting an apparently totally random set of files from documents to photographs, ILOVEYOU would look for the Microsoft Outlook Windows address book and send a copy of itself to all the contacts listed.
The act of opening the 'document' executed the script and the ILOVEYOU worm was set free on that computer and any others it was connected to. vbs was hidden by default from view on Windows machines, so a file called, as in this case, "" appeared for all intents and purposes to be a text document as the last file extension wasn't displayed. The Visual Basic script file extension of.