The Network Batch File Virus
by Alex Papadimoulis
The early 90s were exciting. Tim Berners-Lee invented HTML and created the first of the many internets we have today. A bunch of dancing dudes in foil costumes built the first Pentium processor. And who can forget Eritrea gaining independence from Ethiopia? Well, I could, but I wasn't following Ethiopian politics so much those days.
At the time, Chilton W. was working at a company that provided software that auto insurance companies used to keep track of users, policies, cars, etc. Things were going great, too. They had sold their software to one third of all auto insurance providers in the U.S.
The architecture consisted of a main system (which they owned) at each insurance provider's location, physically linked to other systems on a local network. This didn't work under the typical client/server model, though; it was a daisy-chained, peer-to-peer setup.
Often just one computer on the network could connect to the internet via dialup, so troubleshooting was a matter of dialing into the main system, checking for problems, then walking a user through the steps of testing each networked computer. It was usually the low man on the totem pole at the client's site that would get tied up for a few hours, changing configuration settings and testing. It was a tremendously tedious process, and the answer was generally either a bad cable, bad software install, or a dead hard drive.
Chilton saw an opportunity to simplify the process by deploying a remote diagnostics application. Deployment was, in fact, pretty easy — a batch file could upload the utility to the insurance provider's main system, then someone there could copy the utility to a floppy and manually get it out across all the other systems. Chilton still didn't like that he'd have to explain to each user how to copy the utility, though, so he added the ability for the utility to replicate itself across the network.
Chilton's script was a godsend. He could easily diagnose problems with one call, one batch file upload, and one execution of the utility. A few minutes later, a log file would be created that could easily and accurately identify the problem. Chilton's productivity skyrocketed to the point that he could solve ten or more problems in the same time it took his coworkers to diagnose one.
The future was bright for Chilton. He began showing others how to use the utility, and everyone loved it. When a relative offered to send him back to finish college, though, he put in his two weeks' notice. His boss requested that he write documentation about the utility, so he printed up the batch script and wrote extensive documentation about how it worked. A few days later, he left.
A year later, he ran into one of his old coworkers and asked how things had been going at the company. "A month after you left, everything went crazy," he said. "Management said we had to wipe all of our hard drives and recall our systems from the field. Tech support was down for months!"
"What?" asked Chilton. "Why?"
One of the comments Chilton had left in his script read "this self-replicates, similar to how a virus works." It was read by the wrong person, and a "security expert" was immediately brought in. His conclusion was that this was clearly a viral batch file, undetectable by every antivirus software product on the market. The fear that an elusive virus had permeated throughout the network led to the company hiring very expensive investigators to look into the issue. The head investigator found nothing, though, so he was fired and the investigation ended. Ultimately, new computers were bought for everyone, and tech support was able to get back on track.