Campus deals with new round of spam, viruses and worms

Updated 4:00 PM September 2, 2003

Got e-mail? Campus deals with new round of spam, viruses and worms

By Katie Gazella

During a time of regular onslaughts from viruses, worms and spam, information technology experts on campus say average users can help themselves by learning more about the various technological evils that seem ever-more troublesome and inescapable.

"Receiver beware, and never underestimate the power of the delete key," says James Hilton, associate provost for academic, information and instructional technology affairs.

This advice is particularly useful if the problems continue at the same level as in recent weeks, when a confluence of worms and viruses attacked computers all around U-M and the world at large.

While IT staffers on campus continue to advise users to set up e-mail filters in their desktop e-mail packages and to delete suspicious mail, the University also is working on a variety of efforts to block viruses before they ever arrive in individual inboxes and to filter spam so users don't have to see it.

Representatives from Information Technology Central Services (ITCS) and several schools and colleges are looking into ways of filtering spam on ITCS central servers. They still are working on details, but they hope to have a system in place this fall, says Kitty Bridges, executive director of ITCS.

Those looking at such filters are aware that they not only need to protect users from annoying and harmful e-mail, but also that they must be sensitive to privacy and free-speech issues, Hilton says. One person’s definition of spam might include the pharmaceutical pitches and ads for financial service; another person’s definition might include unsolicited announcements of campus talks and departmental events.

“Spam is a delicate issue for universities,” Hilton says. “What is spam in one person’s eye is free expression in another person’s eye.”

Even after a system is in place, people still will receive spam because those people sending it change the characteristics of the e-mails, often eluding even the latest filters, Bridges notes. “Spammers stay a step ahead of everyone,” she says.

Changes also are being made to allow e-mail groups to be made private—that is, the list of members will not be published, and only members of the group will be able to send messages to the group.

In addition to the spam filters, anti-virus scanning and filtering at the gateway level are planned for implementation this month, Bridges says. Even after this system is in place, users still may receive e-mails containing viruses from time to time, and they will get bouncebacks that appear as undeliverable mail notices, she says. But many virus e-mails won’t make it to individual inboxes once this system is in place, she says.

Viruses that come through e-mail are a sinister type of spam, says Liz Sweet, director of the ITCS User Advocate Office. They are spread from one computer to another, commonly through e-mail attachments. The recipient usually must take an explicit action, such as opening an attachment, to be infected. Once infected, the virus will send itself to other computers.

Blocking viruses is easier than filtering spam because the process is based on the specific characteristics of each virus, Sweet says. Once the new blocking system is in place, she says, “We look to see a dramatic drop in the number of e-mail viruses on campus.”

ITCS—which blocked the fast-spreading SoBig.F virus starting Aug. 23—has suggested that mail groups being bombarded with bouncebacks related to the virus can become “moderated” mail groups. If that happens, then all mail sent to the group would go to a moderator or moderators, who then could decide which mail to forward on to the whole group.

Worms—the small pieces of software that use computer networks and security holes to replicate themselves—are a particular kind of infection causing a great deal of trouble recently, including the Blaster/LovSan and Nachi worms.

“They’re so simple, and so devastating,” says Paul Howell, an information systems security officer for Michigan Administrative Information Services. When worms go after users' computers, he says, “sometimes you may not know anything is happening.”

When students returned to campus last week, they were greeted with information about patching their computers to protect against a security flaw before connecting to the Internet. Patches are available on a security disc at residence halls, the Angell Hall Computing Site, Media Union Computing Site and the Computer Showcase in the Michigan Union.

In addition to patching their computers, students and the rest of the University community are encouraged to do the following:

• Install anti-virus software, which can be downloaded for free at http://www.itd.umich.edu/virusbusters/virusscan-download.html
• Don’t open attachments, even from people you know, unless it’s something you’re expecting
• Properly configure the options on Internet Explorer. For security reasons, Howell says, it is wise to turn off certain functions, including JavaScript, Java and ActiveX for untrustworthy Web sites. But he says it may be important to leave those on for trusted sites, such as http://wolverineaccess.umich.edu
• Configure your desktop e-mail package to filter e-mail you consider to be spam
• Be wary about incoming mail, and know that it may not actually be coming from the person identified as the sender.

Got e-mail? Campus deals with new round of spam, viruses and worms

More Stories