Electronics experts said Friday they had managed to kill a programming "virus" that wreaked havoc on vital university, government and industry research computers nationwide as investigators zeroed in on the culprit.
The New York Times reported in its Saturday editions that the virus, a pest program that snarled America's computer network by duplicating itself countless times, was created by a graduate student at Cornell University.The Times, citing two unnamed sources with detailed knowledge of the case, identified the culprit as Robert T. Morris Jr., 23, whose father, Robert Morris Sr., is the chief scientist at the National Computer Security Center in Bethesda, Md., an arm of the super-secret National Security Agency.
The younger Morris wrote computer instructions for the virus as an experiment that was intended to live innocently and undetected in ARPAnet, a system on which 300 universities, private research firms and military experts exchange unclassified information, the newspaper said.
The paper said the younger Morris flew to Washington Friday and, after hiring a lawyer, planned to meet with officials from the Defense Communications Agency, which is in charge of the ARPAnet network.
Meanwhile, weary computer operators said they believed they had cleaned the pest program from computers and taken measures to protect them from future attacks.
"As far as we know, the virus is now dead," said Stephen Wolff, director of networking and com munication research at the National Science Foundation in Washington.
Dr. Raymond S. Colladay, the director of the Advanced Research Projects Agency, told a Pentagon briefing the virus had been defeated in roughly 24 hours' time after being spotted Wednesday evening.
He said the Pentagon was confident the computer network had resumed normal operations.
At Massachusetts Institute of Technology, James Bruce, vice president for information systems, said a team of experts from MIT and the University of California at Berkeley were trying to trace the virus to its origin.
The "virus" was a small, initially invisible set of computer instructions slipped into an electronic mail program serving a nationwide computer network known as INTERNET.
About 6,000, or 10 percent, of the research computers that use the network are believed to have been affected.
Once inside a computer, the invading viral program forced computers to endlessly copy it and send it to other computers. The virus apparently did not destroy any information in the computers but slowed their functions or shut them downunder the pressure of continuously replicating the pest program.
FBI spokesman Mickey Drake said the law enforcement agency likely will look into the computer crisis to determine if any federal laws were broken. Under the Computer Fraud and Abuse Act, unauthorized access to federal government computers is a crime.
MIT's computer sleuths said they were convinced the planting of the virus was intentional and not an error. But they speculated it was meant as a warning, to expose the network's vulnerability, and not really to do any damage.
"I think the working hypothesis has to be that someone very intentionally inserted a program that had these characteristics. I do not know the purpose that that individual had and clearly we would like to understand that," Bruce said.
"I think a lot of people learned a lesson in the last two days," said Jeffrey Schiller, MIT's manager of computer networks.