Other articles:




FBI Cyber Researcher Unleashes Virus
That E-Mails Private Agency Documents


WASHINGTON -- A researcher in the Federal Bureau of Investigation's
cyber-protection unit unleashed a fast-spreading Internet virus that
e-mailed private FBI documents to outsiders -- all on the eve of a Senate
hearing into troubles at the unit.

Although the Sircam virus didn't spread to other computers at the FBI's
National Infrastructure Protection Center, it did send at least eight
documents to a number of outsiders. One, about the investigation into an
unrelated virus, was marked "official use only." The Sircam virus has
infected thousands of computers since its discovery last week.

FBI spokeswoman Deb Weierman said that no sensitive or classified
information about continuing investigations was disclosed Tuesday. The
"official use" designation protects documents from disclosure under the U.S.
Freedom of Information Act.

It isn't uncommon for virus researchers to accidentally infect their own
computers, but the mistake was particularly embarrassing because it occurred
ahead of a Senate Judiciary panel's oversight hearing about the FBI cyber
unit's effectiveness. Lawmakers were expected to focus on other agencies'
failure to cooperate fully with the FBI center, and on a perceived lack of
trust between the FBI and private-sector groups.

The unit generally gets high remarks for its criminal investigations, and
even critics say the unit is more effective than it was a year ago. "The
effort here is not to embarrass anybody but to stress that a lot of work has
to be done," said Republican Sen. Jon Kyl of Arizona.

Meanwhile, the White House has begun organizing a new early-warning network
for Internet threats. But unlike the current system, it will be coordinated
by the Pentagon, not the FBI. The mechanism for warning all U.S. military
and civilian agencies -- and ultimately corporations -- will be dubbed the
Cyber-Warning and Information Network, or "c-win." Organizers envision
dozens of computer centers that could sound an alert when a threat is

The network is expected to begin operating in October. The FBI unit, which
currently relays these warnings, came under sharp criticism from
congressional auditors for issuing tardy alerts. Ms. Weierman, the FBI
spokeswoman, called the new network a "useful mechanism" to offer the
government a "technical capability that doesn't currently exist." The FBI,
she said, wasn't concerned it would lose its warning responsibilities.

Tuesday, at least three people said they received some of the FBI documents,
including a 23-year-old Internet-security expert in Belgium, Niels Heinen.
He operates a Web site that reports on Internet break-ins and speculated
that the analyst, Vince Rowe, visited the site on the infected computer. Mr.
Rowe didn't respond to a request for comment.

Write to Ted Bridis at ted.bridis@wsj.com

main page ATTRITION feedback