Virus Be Gone! How the Campus is Fighting Future Outbreaks
by Bob Ono, IT Security Coordinator


Security Update
Attack of the Klez

Almost everyone who uses email knows about the infamous Klez virus that made its appearance on campus this spring. The virus spread by email, infected email attachments, and files in shared directories. It could randomly change the subject and body of an infected email message, disable anti-virus programs, release confidential information as an email attachment, and forge the apparent email address of the originator. You may have been shocked by accusations from co-workers or peers that you had sent them a Klez-infected message without your even knowing it. Even worse, after the initial Klez outbreak, many campus units reported outbreaks of Klez clones.

As you know, Klez hasn't been the only threat this year. A number of viruses are constantly threatening the availability of the campus email servers, which process an average of 17 million emails each month. According to industry estimates, up to five percent of all email messages now contain a virus infection. This means that over 10 million email messages over a one-year period are infected. Viruses like Klez pose several risks to UC Davis since, depending on the particular virus, the infection could:

  • Corrupt or release essential and/or sensitive data.
  • Reduce the productivity levels of information technology end-users.
  • Reduce the availability and integrity of systems and applications.
  • Reduce the availability of technical staff to attend to other responsibilities.
  • Cause damage to data of external organizations receiving infected files from our campus.
  • Inhabit an individual computer, which would force the campus to quarantine that computer and cause multiple inconveniences for the owner of the infected system.

Protecting Your Computer is Good, But Not Enough...

To keep these damaging factors from severely disrupting the UC Davis research, teaching and public service activities dependent on information technology, the campus is stepping up its measures to block email viruses from entering or leaving the campus networks in the first place. Up to now, our approach has been to identify and prevent virus infections on individual desktop workstations and servers. However, this can be an elusive process, since it is difficult to ensure that every student, faculty, and staff member installs anti-virus programs, and that these programs are properly configured and maintained. Moreover, a majority of the computer workstations using campus network and computing resources are privately owned and, thus, not under any campus configuration and maintenance control.

Why should you care about keeping your computer virus-free? Besides the damage it could cause on your own system, an infection in one computer threatens all the computers in the entire network. In the past this has led to the unfortunate situation of computer quarantining.

New Anti-Virus Software to Benefit Campus, Departments

In May, Information and Educational Technology (IET) took a major step towards improving virus control by purchasing specialized anti-virus software that — beginning in July — will scan and delete infected inbound and outbound email coming through the central campus servers, which process an estimated 70 percent of campus email. This means that individual email recipients on campus won't ever see the viruses that were attempting to infect their computer systems. These new email anti-virus servers will act as sophisticated nets, catching viruses before they spread their damage. The senders of the infected email will be informed of a possible virus infection and asked to remove any infection.

The anticipated software license, acquired from Trend Micro, will also benefit those academic and administrative departments that manage their own email or groupware servers. The software license will permit any campus organization to install selected Trend Micro software products. This product family includes support for several operating systems, including Sun Solaris, HP-UX, Linux, NT and Sendmail (commercial and public domain versions). IET is presently running the email anti-virus application to inspect and disinfect email sent to and from the campus listserver.

While the costs for this new anti-virus service are not trivial, IET believes it must take steps to reduce the virus infection rate on campus. The time and money spent to recover from viruses are so high that this email anti-virus software will pay for itself within as little as two years. Virginia Tech, a university that is also ahead of the curve when it comes to security measures, installed a similar anti-virus system last summer. According to Randy Marchany, who runs the security lab at Virginia Tech, "Just three months into it, we intercepted our millionth virus."
