Skip to main content

November 1988 Internet Computer Virus and the Vulnerability of National Telecommunications Networks to Computer Viruses

T-IMTEC-89-10 Published: Jul 20, 1989. Publicly Released: Jul 20, 1989.
Jump To:
Skip to Highlights

Highlights

GAO discussed the November 1988 Internet computer virus incident, during which a computer program disrupted national research networks' operations by entering their computers and continually reproducing. GAO noted that: (1) although the virus did not permanently damage Internet, a slightly different program could have caused widespread network damage and compromise; (2) Internet vulnerabilities facilitating the spread of the virus included the lack of a security focal point, security weaknesses at host sites, and problems in resolving software holes; (3) federal computer-crime laws did not specifically address computer viruses; and (4) although some networks have established computer security response centers and issued ethics statements to address Internet vulnerabilities, such corrective actions as heightening users' security awareness, improving identified host-level weaknesses, and establishing a security focal point could further reduce vulnerabilities. GAO believes that, in light of Internet's evolution into a high-speed, enhanced network system with greater accessibility and international connections, an interagency group should serve as an Internet security focal point to provide security policy, direction, and coordination.

Full Report

Office of Public Affairs

Topics

Computer crimesComputer networksComputer securitySoftwareComputer virusesData transmissionInformation systemsInteragency relationsInternetResearch and development facilities