/01/2002
On December 4, 2001, a powerful new Windows computer virus
called "Goner" wreaked havoc on e-mail systems across the world. It
infected 38,000 computer workstations and 80,000 e-mail networks and was nearly as
widespread as last year's notorious "Love Bug" virus that caused an
estimated $8.7 billion in damage. The "Goner" virus mass-mailed
itself out through e-mail, deleted critical computer programs and destroyed
anti-virus tools and firewall software on computers.
Finally, however, four Israeli college students, aged 15
and 16, were arrested on December 7th, 2001 on suspicion of creating the
"Goner" virus after being traced through an Internet Relay Chat (IRC)
channel. Although the authors used nicknames and stolen Internet accounts to
hide their tracks, police took less than a week to find them because they left
incriminating evidence on Israeli portions of the web. Because the virus also
attempted to connect a host computer to an IRC channel named "Pentagonex"
that was registered with a volunteer-run service provider called DALnet, the
system administrator at DALnet was able to trace the senders. They found an
Internet Protocol (IP) address and e-mail address, logged during registration of
the channel, that led to an Internet service provider based in Israel, which
enabled individuals to be identified. DALnet administrators contacted the FBI as
well as the U.S. government's Computer Emergency Response Team (CERT), who in
turn informed Israeli investigators.
This "Goner" virus consists of a rogue e-mail
that is simply named "hi" and arrives with an attachment - apparently
a screensaver - called "Gone.scr". The message reads: "How are you?
When I saw this screensaver I immediately thought of you. I'm in a Harry (sic).
I promise you will love it." When the attachment is clicked, the malicious
software inside displays a small dialog box, which suggests that a legitimate
program is at work. However, in the background, the virus is busily plundering
the address book of any Microsoft Outlook e-mail program it finds.
The virus was modeled on the "Melissa" virus,
which caused millions of dollars of damage worldwide in 1999, but it was able to
prevent detection by anti-virus and firewall programs. Two distinctive features
mark the virus as a new breed of Internet threat. Like its viral predecessors,
it spreads through Microsoft's Outlook address book, but "Goner" also
sends itself through the popular online chat programs "ICQ" instant
messaging and Internet Relay Chat ("IRC"). Another unique trait is its
file size and simplicity. "Goner" weighs in at a remarkably small 159
kilobytes and was created using a very simple programming language.
However, even though "Goner" was destructive,
it was only the second virus on Trend Micro Inc.'s worldwide outbreak map, third
on Network Associates Inc.'s daily list and only seventh on McAfee.com's
real-time virus map. In fact, computer hacking and virus spreading are not new to
the computer world, and certainly not new to Israeli students.
During heightened tensions in the Persian Gulf, hackers
touched off a string of break-ins to unclassified Pentagon computers.
Then-U.S. Deputy Defense Secretary John Hamre called it "the most organized and
systematic attack" on U.S. military systems to date. An investigation
pointed at that time to two American teens. A 19-year-old Israeli hacker who
called himself "The Analyzer" (aka Ehud Tenenbaum) was eventually
identified as their ringleader and arrested. Today Tenenbaum is chief technology
officer of a computer consulting firm.
Despite heightened security and investigations, however,
computer hacking will only get worse, according to the Computer Emergency
Response Team (CERT). They recorded nearly 35,000 security incidents so far this
year, far more than the total for the whole of 2000. If cyber attacks continue
at the same rate, the total number could reach 46,000, more than twice the
21,756 incidents reported last year. CERT warns that viruses are becoming
increasingly easy to write because of virus-generating toolkits freely
available over the Internet. In addition, since more and more home users are
signing up for always-on, high-speed Internet access such as ADSL (Asymmetric
Digital Subscriber Line), there will be a large increase in the number of home
users who find their computers have been attacked.
Furthermore, some experts indicated that anti-virus vendors
tend to hype up the prevalence of viruses in order to advance the case for users
buying their software to stave off virus attacks. However, home users should, in
addition, be signed up to receive security updates from their Internet server.
Also, home users may want to consider getting a firewall for their PCs at home.
Above all, they should not open e-mail attachments or files received via instant
messaging applications before scanning them with an anti-virus product. They
should also install filters on mail servers to block potentially harmful
files.
Sources:
ABC News. "Israeli Hackers Charged." www.abcnews.go.com/sections/scitech/DailyNews/hacker990209.html
BBC. "Goner virus arrests in Israel."
CNN. "Israeli Youths Confess To Spreading Goner Worm."
IT World. "Hacking's History." www.itworld.com/nl/lnx_sec/11062001/?idgnet
Knight, Will. "Goner's Tell-Tale Clues Led To Arrest." New Scientist. December 11, 2001.