A series of computer viruses that wormed their way into corporate America last month has spurred some Spokane-area businesses and agencies to review their cyber safeguards.


What theyre finding is of little comfort in many cases, information-technology professionals here say. They say virus-protection software and firewalls provide the best defense against bugs, but wont keep everything out.


The last couple of notable viruses have burrowed their way around high-tech safeguards in some instances, which has employers looking to a low-tech solution to keep bugs out: train workers to look for viruses and deter their spread.


The human element is key, says Aaron Fisher, president of Inland Northwest Technologies LLC, a Spokane technical consulting firm. Most of the time, viruses come in through e-mail. A little bit of training can really make you.


Viruses can render a network or desktop computer useless until theyre removed, resulting in loss of documents and work on screen. If a company inadvertently spreads a virus to other users, it could be blacklisted so that those it infects wont accept future e-mail from it. At the very least, viruses will slow down a network or desktop computer, causing loss of production, increased technical-help costs, and a high level of frustration, says Dusty Miller, president of Network Design & Management Inc., of Spokane.


Contineo Technologies CEO Scott Wetzel says that although none of that Spokane companys clients suffered attacks from the recent viruses, I think youre starting to see a more devastating effect by these intrusions. I dont know if theyve gotten nastier, or if technology is just more common.


Two of the most notorious viruses to strike recently were called the SoBig.F virus, which arrived as an e-mail attachment and upon being opened sent itself to every e-mail address listed in a victims contacts list, and the Blaster virus, which exploited security holes in Microsoft operating systems.


Companies often caught SoBig.F when an employee opened an e-mail attachment that contained the virus. Such viruses often came from an acquaintance and had a seemingly benignthough likely irrelevant and unsolicitedsubject line, such as RE: thank you or RE: your application.


Miller says that to deter viruses, Network Design has adopted an in-house policy regarding handling of e-mail. The policy is simple and clear: Employees arent supposed to open e-mails from unknown sources, or unexpected messages from acquaintances that have no apparent relevance.


Education is No. 1, Miller says. Were all curious, but you have to have them (employees) understand what they are actually reading.


Some of Network Designs customers, few of whom were hit by the SoBig.F virus, have brought in the company to help them train employees, Miller says.


Being cautious


When the I Love You virus struck a couple of years ago, many city of Spokane employees learned the hard way to be cautious with e-mail, says Garv Brakel, the citys Management Information Services director. He says many of the computers operated by the citys department heads contracted that virus after they opened e-mails from other managers with the subject line, I Love You.


They said, Why the hell is this other department saying he loves me? but theyd open it anyway and spread it around, Brakel says.


Both of the recent rounds of viruses affected the city as well. The Blaster virus got into the citys network and affected roughly one-third of the citys computers. The citys team of IT workers spent the better part of four days rehabilitating about 300 computers.


Disturbingly, the city contracted Blaster even after virus patches safeguarding against the virus already were in place, Brakel says. He doesnt know for sure how that happened, but it could have come from a laptop that an employee brought from home and hooked into the system.


The city didnt get SoBig.F, but did suffer a side effect from it. The virus was set up to take e-mail addresses off of Web sitessuch as the city of Spokanes siteand send out e-mails, with those addresses listed as the sender.


Recipients were getting the e-mails with our e-mail addresses, but they werent coming from us, Brakel says.


Still, the city still spent a lot of time responding to messages from server administrators elsewhere that reprimanded it for sending them a virus.


Brakel expresses a common frustration about viruses and virus protection: Fixing them and protecting against them typically arent mission-related priorities. With the city, that means such measures dont do anything directly for the average citizen. With a business, those measures often dont boost the bottom line directly.


In addition to firewalls and virus-protection software, Network Design systems engineer Paul McClearn says companies should consider installing an intrusion-detection system that will notify an IT technician if theres an attempted intrusion or if a virus gets through. Few companies, however, have taken such measures so far, McClearn says.


Wetzel, of Contineo, says that while virus protection is important, he sees viruses as the drive-by shootings of cyber crimes. They grab the headlines and are alarming, but are isolated incidents often undertaken by a renegade individual.


Other cyber crimesidentity theft, information theft, online fraud, and otherscan be more harmful to a company and must be a companys first cyber-security priority, he says.