Viruses and Spam: Time to Fight Back

The information economy has lost its innocence. The twin scourges of software viruses and e-mail spam are merging into a single epidemic that is overwhelming the nation's communication and information systems. The blinding speed with which SoBig and Blaster disrupted corporate networks and personal computers threatens the productivity gains made possible by the Information Age. So far, it appears that the disruptions are the work of malicious and misguided hackers. But it's only a matter of time before national security is threatened by hacker mayhem. Washington, Corporate America, Microsoft Corp., and millions of PC users must join in a serious effort to safeguard the Internet and keep the flow of information open. Nothing less than America's prosperity and safety are at stake.

Viruses are far more than just a nuisance. Anyone working in an office knows that e-mail and computer systems are slowing down as corporations do battle with viruses. Firewalls and spam blockers are also preventing e-mails from getting through and stopping people from gaining access to many Internet sites. Communications are being disrupted and information flows are being curbed. This could have a very serious economic impact if it continues. An increasing number of companies have had their operations grind to a halt. CSX, Lockheed Martin, the U.S. Postal Service, Starbucks, and Air Canada are but a few of the companies that have been hit hard. Consumers buying new PCs are suffering as well. Many have found their laptops infected and unusable within minutes of turning them on. Trying to fix them by downloading software patches often proves to be a nightmare.

At the moment, the virus hunters are losing the fight against the virus writers. It can only get worse. SoBig is one of a new species of spam virus, born of the interbreeding between software viruses and spam. It distributed itself so widely, so fast, that virus hunters couldn't catch up to it. In fact, the proliferation of viruses and the onslaught of spam have left companies and consumers staggering.

What to do? Battling spam may be the easy part. The Federal Trade Commission should create a consumer opt-out site for spam, just as it did with telemarketing. Telemarketers are lobbying against such a move in Congress, but the overall public interest should prevail. E-mail was the killer app of the Internet revolution, and now people dread opening theirs each morning. Washington needs to replicate its popular registry with a site that allows consumers to receive e-mail only from chosen retailers and marketers.

Fighting viruses will be much harder. The Information Age was born of a culture that celebrated openness and speed. This was especially true of the software industry, where getting new products out fast and fixing bugs later was the norm. This culture now has to change. Security and reliability are as important as novelty features and price. Microsoft in particular, as the private owner of a de facto public utility, Windows OS, has to shift its priorities. Shipping new programs that have security loopholes and issuing patches later to fix them is no longer acceptable. Software has to be designed from the very beginning to be as bug- and loophole-free as possible. Microsoft acknowledges this responsibility and is already taking major steps to build more trustworthy and secure products. It is notifying consumers to download patches when they are made available. Yet the very success of SoBig and Blaster show that Microsoft has a way to go.

In the end, it may well be that a high-tech monoculture based on centralized and standardized systems is making the information economy too vulnerable. Mistakes and mischief, not to mention terrorism, may be inevitable in the 21st century. But now one failure of the electricity grid in a town in Ohio puts 50 million people in the dark. One virus that infects one basic software program shuts down entire networks and millions of computers around the world. Long-term, reliability and security may require greater diversity in software, not less. We underestimate the threat hackers pose to prosperity at our peril. They have evolved into economic terrorists of the Information Age and should be treated accordingly.

    Before it's here, it's on the Bloomberg Terminal.