College Info at LCSC Visit LCSC Web Site Monthly Calendar of Events LCSC News People at LCSC Sitemap/Search

College Communications Home

LCSC Today...

News Releases

Publications

Downloadable Graphics

Event Calendar

Resources

Advertising

Visitor's Center

E-mail us

 Contact: Carmen Rahm, Director & Chief Technology Officer, Information Technology - 208/792-2215

Lewis-Clark State Not Immune from Recent Virus

Tuesday, December 4th brought an unwelcome visitor to desktops around the Lewis-Clark State campus: That afternoon the college joined the list of those infected with the most recent virus to be unleashed on the desktop computers of the world. Fortunately, thanks to the quick actions of the college's Information Technology (IT) staff, the impact was isolated to a small number of systems.

Nicknamed Goner (short for "W32/Goner@MM"), the virus was labeled a Class 4 Internet Worm with a high-risk assessment. (A Class 5 Virus is considered the worst). The Goner virus spreads rapidly, using Microsoft Outlook to send itself to all entries in the infected computer's Address Book. Information on "Goner" and other viruses is available from a link on the IT Website.

The virus was first identified at the college early in the afternoon on the 4th. Because the global discovery date of the virus--when it was officially recognized--was that same day, there were no updated screening definitions to fight the virus available immediately. These definitions have to be developed once a virus is identified, and, until updated definitions for Goner could be developed and applied, computer systems everywhere were extremely vulnerable.

Gavin Budd, of IT's Networks and User Services Group, was instrumental in limiting the virus' spread on campus. Describing events, Budd said, "Normally new virus definitions are automatically updated on our systems. However, since this virus was spreading so rapidly, it was able to reach us before anti-virus vendors had definitions available to screen for it." Budd worked closely with the college's virus scanning software vender to make sure updated definitions for Goner were put to work as soon as possible.

Lewis-Clark State uses virus scanning software from Network Associates to protect the college from defined viruses. Within a very short time, Network Associates had updated virus definitions for Goner available and Budd forced a download of these definitions to the Lewis-Clark State system.

At the same time, Lewis-Clark's email server was shutdown to prevent further propagation of the virus to other computers on campus. Administrative Assistant Julie Crea and others in IT were also notifying email users of the situation and advising them about actions to take when mail service was resumed. Once the college's anti-virus software was updated, the email server was returned to service and clean-up of the infected systems began. Budd and IT co-worker Jon Sittner visited each infected desktop computer to return them to a healthy state.

Commenting on the virus' impacts, IT Director Carmen Rahm noted that, "In addition to the pure nuisance of this virus, it does have direct and indirect impacts: First of all, the virus attempts to delete security software and other files located on computers that it is able to infect. Another impact of viruses that spread in this manner, is that they will consume huge amounts of storage space as the email is sent hundreds or even thousands of times." He added that detailed information on the "payload" of the Goner virus is available on web.

Outside of the problems it may have caused for college computer users, Rahm said the virus may have created an opportunity of sorts: Lewis-Clark State email users, whether infected with the virus or not, would be encouraged to take steps to clean-up email in their "Sent" and "Deleted" folders. He reported that Instructions for doing this, as well as answers to other frequently asked questions (FAQ's) regarding email are available on the IT website.

Can these attacks be prevented? Rahm's response to that question was: "There are certainly numerous steps that can be taken to reduce the risk of infection by these viruses. However, due to the speed at which this and other viruses are spreading, guaranteeing that viruses will never attack Lewis-Clark is impossible. The only true way to maximize protection would be to disconnect from the Internet, ban personnel from carrying CDs and disks from off-campus, place burdensome restrictions on how email is managed, or move to lesser used systems/software that are currently not the targets of the virus originators."

These options are clearly not realistic in the higher education environment, Rahm noted. "So education, up-to-date screening software, and other tools of the times will continue to be employed as they are needed."



 

ACADEMICS | ADMISSIONS | ALUMNI | ATHLETICS | CAMPUS LIFE AND DIVERSITY | LIFELONG LEARNING | WELCOME TO LCSC | WORKING at LCSC

CALENDAR | NEWS | PEOPLE | SITE MAP | HOME

Lewis-Clark State College, 500 8th Avenue, Lewiston, ID 83501  (208) 792-5272
 Questions or comments may be sent to : LCSCCommunications