Security Software > Security News

Author of computer virus that attacked Microsoft site pleads guilty

BY LESLIE BROOKS SUZUKAMO

Knight Ridder Newspapers

ST. PAUL, Minn. - (KRT) - Jeffrey Lee Parson, the 19-year-old Hopkins High School senior arrested in connection with last summer's massive "Blaster" computer worm outbreak, plead guilty Wednesday to authoring and unleashing an early variant of the worm that infected scores of computers and tried to take down a Microsoft Web site.

Authorities said they hope Parson's guilty plea in a Seattle federal court will serve as an example to scare off other virus writers who, like Parson, tend to be young, create viruses for bragging rights and possess just enough computer knowledge to be dangerous.

But several computer security experts said Wednesday that the shadowy world of computer viruses has evolved disturbingly in the 12 months since the Blaster worms wrecked havoc on networks worldwide last August.

The new breed of virus writer is older, craftier and writing viruses for money, not kicks. They are likely living overseas and associated with organized crime in developing nations like Russia and Romania where computer crimes are not a high police priority.

For network managers like Michael Barnes, the director of information technology for the Minnesota Department of Transportation, that means steeling yourself for more attacks. His department got socked by one of the variants of the Blaster worm last year and since then has beefed up its ability to load anti-virus software and worm patches automatically.

"His being sentenced - it's going to help," Barnes said of Parson. "But our future is: It's not whether there's going to be a virus attack, it's where and when."

Parson originally plead innocent to the government's single charge of intentionally causing or attempting to cause damage to a protected computer, but changed his plea to guilty Wednesday in Seattle. He was prosecuted in Washington state because he had been tracked down by a federal cyber crimes task force based in Seattle, near where Microsoft is headquartered.

Under a plea, Parson will serve at least 1 1/2 years but no more than three years and one month in federal prison. Had he gone to trial, he could have faced 10 years in prison and a fine of up to $250,000 if found guilty.

U.S. District Court Judge Marsha Pechman will sentence Parson on Nov. 12. If she departs from the negotiated plea, either side could withdraw from the deal and choose to go to trial or renegotiate.

"People in the shoes of Parson who are thinking about doing this sort of thing ought to think twice," said Assistant U.S. Attorney Annette Hayes, who prosecuted the case.

She said Parson's worm, called Blaster.B or teekids, caused more than $1 million in damage. Authorities are working with Microsoft to come up with a damage estimate to present to the judge at sentencing.

"I think it's a wake-up call for all of those who have committed computer crimes," said FBI Special Agent Paul McCabe, spokesman for the Minneapolis office, whose agents joined Secret Service agents in arresting Parson from his parents' home in Hopkins on Aug. 29, 2003.

But federal public defender Carol Koller, who represented Parson, said she thinks kids simply will hit the snooze button. "My fear is that they're not paying attention to the standard media and getting the message," she said.

Microsoft, which makes the Windows operating system that runs nine out of 10 desktop computers worldwide, had been a target of the original Blaster worm. That worm, called Blaster.A, contained a "backdoor" program that surreptitiously took control of infected computers and ordered them to launch a furious coordinated attack on the Windows update Web site on Aug. 16, 2003, hoping to prevent other computers from connecting to it to get the software to protect against worms like Blaster.

Parson's variant did the same thing. He downloaded a copy of the original worm from a virus writer's Web site, modified it and sent it out on Aug. 12, 2003. By Aug. 16, Parson's Web site had logged about 1,222 Internet addresses that corresponded to an infected computer, his plea agreement said.

Internet security authorities like Johannes Ullrich, the chief technical officer for the SANS Internet Storm Center, one of the world's preeminent early warning systems for computer attacks, said they also doubt that Parson's conviction will do much to deter virus writers.

"There have been too few of them caught for them to care," he said from his office in Quincy, Mass. Indeed, although the FBI has made computer crimes a high priority and had some success in catching a few virus writers, there still have been no arrests of the authors of the original Blaster worm or of some other major worms like Code Red and Nimda.

More virus writers lately are not thrill-seeking kids anymore but profit-motivated criminals who use viruses to control large networks of home computers to send out junk e-mail, said Mark Shavlik, CEO and founder of Roseville-based Shavlik Technologies, a software firm that makes security patches for Windows.

Young people like Parson tend not to realize the amount of damage they can cause when they send out a virus, said Keith Stellar, a Minneapolis security consultant with his own firm, IT Conduit, who also teaches network security classes at Inver Hills Community College.

Another perennial problem is that most viruses are still triggered by unsuspecting computer users, who open up an e-mail attachment that they shouldn't, Ullrich said.

"There isn't really much of a technical protection against that," he said.

---

© 2004, St. Paul Pioneer Press (St. Paul, Minn.).

Visit the World Wide Web site of the Pioneer Press at http://www.twincities.com/mld/pioneerpress/

Distributed by Knight Ridder/Tribune Information Services.

Also see: [ Anti Virus Software ] [ Anti Spy Software ]