July 25, 2001 10:50 AM PDT
SirCam worm snatches FBI documents
SirCam worm cripples e-mail
Vincent Gullotto, senior director, McAfee's Avert Labs
A researcher at the FBI's National Infrastructure Protection Center--the bureau's cyberprotection unit--allowed the rapidly spreading SirCam worm to send private FBI documents from a bureau computer to outsiders, according to an FBI statement.
The computer, which was running virus-scanning software, was being used as part of an ongoing security collaboration with public- and private-sector systems. No other computers in the agency were contaminated.
FBI spokesman Steven Berry said no sensitive or classified information about continuing investigations was disclosed on Tuesday when the infection occurred.
Upon discovery of the infection, the NIPC worked to contain it but not before a number of documents were sent out. The NIPC, which is in the process of alerting the recipients of the documents to the presence of the worm, subsequently referred the matter to the FBI Washington Field Office for investigation.
SirCam spreads by e-mailing copies of itself to everyone in the infected computer's address book. An added twist with this particular worm is that it sends a random file from the infected computer's hard drive, which means the worm could potentially send confidential business data or embarrassing personal information along with itself.