Home & Office

ILOVEYOU: French virus centres on the defensive

French computer alert centres come under fire for refusing to estimate the costs instigated by the ILOVEYOU virus and its derivatives
Written by Jerome Thorel, Contributor

Last week, ZDNet France denounced the delay with which the Cert-Renater warned its correspondents of the arrival of the virus -- the alert was given out only late Thursday afternoon 4 May.

Computer Emergency Response Teams (CERT) are present in every country. In France, the Cert-Renater is only officially responsible for networks depending on the Renater, the organisation that integrates the Internet for sectors of education and research. Two other alert centres exist in France. But they remained very reserved as to the dangers of ILOVEYOU.

"Our aim is to warn the administration, not the public", insists Michel Dupuis, Manager of the Cert/A -- "A" for administration. The Cert/A is a new watchdog that was created early this year at the fort of Issy-les-Moulineaux, main office to the new central management of information systems security (Direction centrale de la sécurité des systèmes d’information, DCSSI, ex-SCSSI). The DCSSI runs under the guidance of the Prime Minister.

"I will not venture into giving any estimates of the number of computers affected or the cost that it may represent, continues Michel Dupuis. As for the possible 'delay' in the Cert-Renater giving the alert, this allegation is not justified. Renater’s role does not involve spreading rumours. When we receive a virus alert, we take the time to check it".

Nevertheless, Thursday 4 May 10am GMT, noon in France, the American CERT, which no doubt has no wish to favour rumours either, had issued an International warning.

Still according to Michel Dupuis, it is not on the agenda for Cert/A to evaluate the damages specifically caused by this virus.

Transparency is not included either in the statutes of another French CERT, the Cert/IST (Industries et Secteur Tertiaire), which acts on the account of the private sector. Created in 1999 under the driving forces of Alcatel, Elf, France Telecom and Cnes (though a public organisation), the Cert/IST sells its alert services to its members.

"Our first warning report was sent out Thursday 4th May, in the early afternoon, explains an executive of Alcatel, member of the Cert/IST. "But since the virus was being spread by email, many of our clients had blocked theirs out making our alert inoperative... We therefore had to get on the phone in order to warn everyone... Then, thanks to our good relationships with various anti-virus manufacturers, we were able to provide the very latest software updates before they were available on editors' websites.

The Cert/IST, -Renater and -Administration, are all members of First (Forum of Incident Response and Security Teams). This International network of CERTs has a federal role only and no mission to inform.

What do you think? Tell the Mailroom. And read what others have said.

Go to ZDNet's ILOVEYOU Special Report

Editorial standards