How does it started

A programmer by the name of David Lee Smith took over an America Online (AOL) account in late March 1999 and used it to upload a file with an adult domain to Internet newsgroup. Dozens of free passwords to adult-content websites that charge fees were promised in the post. A virus was released onto customers’ PCs after they fell for the trick, downloaded the document, and then opened it in Microsoft Word. On March 26th, it hits the internet like wildfire.

How does it spread

According to Smith, the Melissa virus began by taking control of the victims’ Microsoft Word application. It was named after a Florida stripper. It then sent messages to the first 50 addresses in their mailing lists by taking over their Microsoft Outlook email system using a macro. Then, by naming the attachment with adult content or by falsely claiming, “Here is the document you requested… don’t show anyone else ;-),” such communications encouraged recipients to open a virus-infected attachment. Through some clever social engineering, the virus functioned as a malicious automated chain letter.

Non-intended yet destructive

Despite not being designed to steal money or information, the virus caused a great deal of damage. Over 300 businesses and government organisations throughout the world experienced overloaded email systems, some of which had to be completely shut down, including Microsoft. In certain places, Internet traffic slowed to a crawl, and almost a million email accounts were affected.

Coming to the limelight

Although it took some time to completely eradicate the infections, cybersecurity professionals were able to stop the virus’s propagation and restore network functionality in a matter of days. In addition to conducting investigations, the FBI warned the public about the virus and its consequences, which helped to lessen the attack’s devastating repercussions. Nevertheless, the total damage was massive, with an estimated $80 million needed for computer system clean-up and repair.

Catching the culprit

Thanks to a tip from an AOL representative and almost flawless collaboration between the FBI, New Jersey law enforcement, and other partners, apprehending the criminal was quick. Smith was detained on April 1, 1999, in north-eastern New Jersey after authorities linked him to the virus’s electronic fingerprints. Smith entered a guilty plea in December 1999 and was fined $5,000 and given a 20-month sentence in federal prison in May 2002. Additionally, he consented to work with state and federal authorities. The virus served as a warning to the FBI and its colleagues that a serious threat was emerging and that it was imperative that the agency swiftly expand its cyber skills and collaborations.

Outcome

Appropriately, the Bureau established a new national Cyber Division devoted solely to online crimes a few months after Smith’s sentencing, with initiatives and resources aimed at safeguarding America’s computer networks. That cyber purpose is more important than ever now that almost everything in our society is online.

Few words regarding Melissa Virus

For many Americans, the Melissa virus—which at the time was thought to be the fastest-growing infection—was a harsh reminder of the negative aspects of the internet. As the reality of internet viruses and the harm they can cause became more widely known, so did the risk of accepting unsolicited email attachments.