Skip to main content
This is archived information. It may contain outdated contact names, telephone numbers, Web links, or other information. For up-to-date information visit GSA.gov pages by topic or contact our Office of Public Affairs at media@gsa.gov. For a list of public affairs officers by beat, visit the GSA Newsroom.

GSA's FedCIRC Contributed to Rapid Development of Anti-Virus Solution for "Love Letter Worm"

GSA # 9683

May 12, 2000
Contact: Eleni Martin (202) 501-1231 or
David Jarrell (202) 708-5060

WASHINGTON - Immediately after receipt of the first reports of the "VBS.LoveLetter.A" or "Love Letter Worm," the U.S. General Services Administration's Federal Computer Incident Response Capability (FedCIRC) began an intensive and coordinated effort to notify federal agencies about the situation.

FedCIRC collaborated with the National Infrastructure Protection Center, the National Security Incident Response Center, The DoD CERT, the Carnegie Mellon CERT Coordination Center and various anti-virus industry partners to develop effective defenses to prevent proliferation of the worm.

Less than an hour later, FedCIRC had posted the initial advisory on their web site and began the agency notification process. Because of the worm's rapid propagation and adverse impact on agency mail services, many e-mail systems were malfunctioning and unable to deliver the advisory.

To ensure that notifications and procedural guidance for managing the situation reached agencies, FedCIRC implemented its contingency plan and employed fax machines and phones to contact chief information officers throughout government. As of this release, FedCIRC continues to communicate with its partners and collect information on the variations of the worm that are surfacing and publish the information in the public domain.

The stealth methods used in the coding of the hostile e-mail produce numerous replications of the code that masquerade as legitimate files to elude eradication efforts. For that reason, a recurrence of the worm is likely if an unsuspecting user executes or launches one of the worm-laden files.

For additional information, contact FedCIRC at (202) 708-5060 or visit the web site at http://www.fedcirc.gov.