Virus hits two classified systems, stalls e-mail access at Defense

Virus hits two classified systems, stalls e-mail access at Defense

The ILOVEYOU virus rapidly wormed its way into two Defense Department classified systems via e-mail attachments.

The Joint Task Force on Computer Network Defense received a report late on May 4 that the bug had contaminated a classified internal e-mail system, said Kenneth Bacon, the assistant secretary of Defense for public affairs.

The following day, task force officials at Peterson Air Force Base, Colo., reported that another classified system was infected.

'The virus was quickly detected and contained,' Bacon said. The bug contaminated less than 1 percent of the network, and task force officials reported no impact on military operations, he said.

The overall impact of the virus was minimal, a DOD spokesman said. 'Some installations had to shut down their public servers,' task force spokesman Scott Johnson said. 'It was a minor inconvenience more than anything else.'

Marine Corps officials took their Microsoft Exchange servers off-line for about 24 hours, said Capt. Carl M. Wright, chief information security officer at the Network Operations Center at Marine Corps Base Quantico, Va.

The Corps' experience with the Melissa virus in March last year, which killed access to DOD's Non-Classified IP Router Network e-mail for five days [GCN, Aug. 23, 1999, Page 52], prepared the Corps for the Love Bug, Wright said. 'The impact was substantially less' than with Melissa.

Corps officials first heard about the virus' rapid European proliferation at 7 a.m. EST, he said. 'We tried to get a copy of it to see what it did,' an effort that other DOD organizations also undertook, he said. Wright received a copy by early afternoon.

In the afternoon, Corps officials decided to shut off NIPRnet access until they could obtain an updated signature file from an antivirus software vendor to eradicate the bug.

'From a cost-benefit analysis, we decided the cost of a cleanup would be greater than what we lost' by denying NIPRnet access, he said. Within 24 hours, most of the Exchange servers were back online with NIPRnet access, he said.

'We got a lot of calls,' said Maj. Michael McNett, director of the Army Network and Systems Operations Center at Fort Huachuca, Ariz. 'Some sites brought down their Microsoft Exchange servers to proactively deal with it. We got a few reports of that from various sites.'

Despite the struggles, 'overall, it went pretty well,' he said.

'Bill Murray


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected