Centers for Disease Control, Atlanta,
Georgia
Saturday, August 28, 2:31
P.M.
Time Remaining on the
Extinction Clock: 93 hours, 29 minutes
“Hey, Jude,” said Tom Ito, “remember that
virus you were asking about before? The one that was there and then
up and vanished?”
“Sure, what about it?”
“It’s back. Log onto the e-mail
screens.”
Judah swiveled in his chair and began
hammering keys on his laptop. The set of screens used by the
secretaries for handling e-mail, newsletters, and alerts popped us
as cascading windows.
Ito leaned over his shoulder. “Look for
auto-response e-mails. See, there’s eight of them. The virus is in
there.”
Judah quarantined the e-mails and ran virus
detection software. A pop-up screen flashed a warning. Judah loaded
an isolation program and used it to open one of the infected
e-mails. The software allowed them to view the content and its code
with a heavy firewall to prevent data spillover into the main
system.
The e-mail content said that the outgoing
CDC Alert e-mail was undeliverable because the recipient e-mail box
was full. That happened a lot. However, the software detected
Trojan horse-a form of mal-ware that appeared to perform a
desirable function in the target operating system but which
actually served other agendas, ranging from collecting information
such as credit card numbers and keystrokes to outright damage to
the computer. A lot of “free” software and goodies on the Internet,
including many screen savers, casino betting sites, porn, and
offers for coupon printouts uploaded Trojan horses to users. On the
business and government level they were common.
“Trojan?” asked Ito.
“Looks like. Can’t block the sender, though,
because it’s really using replies to our own mailing list to send
it.”
“Maybe someone hijacked some of our
subscribers and is using their addresses.”
“Probably.” Judah frowned. “Okay, we’re
going to have to identify the bounce-back e-mails and then block
those subscribers. Send a message to everyone.”
Ito headed back to his cubicle to work on it
while Judah uploaded info on the virus to US-CERT-the United States
Computer Emergency Readiness Team, part of Homeland Security. The
CDC was a government organization, and though this was very
low-level stuff, it was technically a cyberattack. Someone over at
CERT would take any warnings of a new virus and add it to the
database. If a trend was found an alert would be sent, and very
often CERT would provide updates to various operating systems that
would protect against further incidents. It was routine and Judah
had sent a hundred similar e-mails over the last few
years.
That should have done it.
It didn’t.
There were no additional e-mail bounce-backs
that day. None the next. Had Judah been able to match the current
e-mail with the ones that had appeared-and then vanished-from the
computers earlier he would have seen that the bounce-back e-mail
addresses were not the same. Nor was the content, nor the Trojan
horse. The senders of the e-mails were cautious.
When similar e-mail problems occurred at
offices of the National Institutes of Health in Bethesda, Maryland,
the main office and many regional offices of the World Health
Organization, the Coordinating Center for Health Information and
Service, the Agency for Toxic Substances and Disease Registry, the
Coordinating Center for Infectious Diseases, and the Coordinating
Office for Terrorism Preparedness and Emergency Response and a
dozen other health crisis management organizations, there were no
alarms rung. Each group received a completely different kind of
e-mail from all the others. There was no actual damage done, and
other than minor irritation there was no real reaction. Viruses and
spam e-mails are too common.
The real threats had not yet been
sent.
The Extinction Clock still had ninety-three
hours and twenty-nine minutes to go.