Ancient cybersecurity folks with more than 20 years’ experience in the industry will of course remember the infamous ILOVEYOU Love Letter email worm from the early 2000s. What they may not recall is that it was exactly 20 years ago when it first reared its ugly head.
20 years? What?! Yep: Two decades ago to the day this cyber-maggot paralyzed practically the whole world. Wanna know what the guy responsible for this global cyber-tragedy is doing now, and where? I’ll get to that a bit later…
But I’ll start with a summary of the events of 20 years ago, in case you missed them. First up: why ‘Love Letter’?
This cyber-vermin crawled into millions of folks’ email inboxes. The receiver got a ‘love letter’ from what looked to be a friend or acquaintance.
Curiosity killed the… email recipient: after the attached VBS was clicked, the malware basically took control and sent itself on behalf of the recipient to everyone in his/her address book. And in some kinda totally mental mega-exponential way managed to infect – in a matter of hours!! – practically the whole email-using planet!
This caused colossal damages (yes, the worm also damaged certain files) (damages: to the tune of several BILLION dollars!)). Curious fact: the code for e-mail distribution was swiped from another worm – Melissa – which a year earlier ran amok around the whole world too (Microsoft had to switch off its corporate email (in current terminology – self-isolated) in order to stop the spread of the worm).
There’s another interesting element of Love Letter: the worm would download from the internet a Trojan that stole the infected computers’ internet-access logins and passwords (this is back when access was mostly dial-up, costing a lot – using per-hour tariffs), and sent them to a given address.
Btw: up until then, practically all cyber-naughtiness was just that – naughtiness, aka, hooliganism, aka some hackers getting kicks, aka hackers suffering from delusions of grandeur, aka hackers not having grown up. But this guy, the author of the worm, later admitted that his aim was to steal passwords so he could access the internet without paying. Such a trivial reason; such damage because of it. But all the same – it represented the first steps in commercial cybercrime, no matter how ridiculous the intentions.
Looking back at the events of 20 years ago from the vantage point of 2020, I still view the incident as a lesson in absurdly costly cyber-idiotism, but I also think about how we – K – were so much younger then: providing protection at a different level (albeit the highest level, just like today).
Back then we had no trouble detecting and neutralizing Love Letter. By then our products were powered with external antivirus databases with daily micro-updates. So it took us minutes to deliver to our users protection. And later we added Script Checker (announcement in Russian) technology to the engine (a filter between the script program and its processor), which uses heuristic rules that automatically protect users from all future (and there were a great many) modifications of the worm.
Then Microsoft patched the vulnerability, preventing by default VBS scripts from being launched (and a lot more besides). And users started to learn the basics of computer hygiene, but even today – 20 years later – there’s still a long way to go on this. Folks still click things they shouldn’t; while the social engineering methods used, plus the vulnerabilities which they exploit, have only become all the more sophisticated.
So yes, the outbreak was dealt with. But whatever happened to the Dr. Evil behind ILOVEYOU? Well, just the other day – he reappeared, just in time for the 20-year anniversary!
Here he is – Onel de Guzman – who now works in a cramped phone repair booth in a mall in Manila in the Philippines!
Onel de Guzman and the journalist Geoff White. Source
Unlike David Smith, the author of the above-mentioned Melissa, Guzman didn’t suffer any comeupance in any way for what he’d done. He simply went unpunished. He got away with it. He was lucky: back then ‘computer crime’ was a bit of an alien concept to Philippine law…