1

Cybercrime Analysis
 2

Introduction

Early in 1999, a particular kind of email virus called Melissa started to cause problems. It

was a Microsoft Word and Outlook-based system-targeting macro virus that was sent via bulk

email (Federal Bureau of Investigation, 2019). As being among the virus signatures with the

quickest dissemination rates, the Melissa virus brought attention to the danger and harmful

consequences posed by clicking files attached to emails from unknown senders. The infection

improved cybersecurity while also serving as more of a motivation for stronger infections to

come (Federal Bureau of Investigation, 2019). The Melissa virus left an indelible mark that the

Federal Bureau of Investigation (FBI) established a special national Cyber Department with a

specialty in digital criminal acts a few months after its inventor was apprehended and given a jail

term (Federal Bureau of Investigation, 2019).

The Details of the Case

Once clicked, the Melissa virus turned off a handful of Word 97 and Word 2000 security

features. The virus was spread as an email attachment. Additionally, if the victim had Microsoft

Outlook installed on their computer, the malicious software would replicate the

immediate contacts in their contact list (Federal Bureau of Investigation, 2019). Despite not

deleting any information or files, the infection had the ability to take down organizational and

other major mailbox systems when electronic mailing issues grew more serious. Numerous

connections, along with those of Microsoft and the US Marine Corps, were rendered unusable by

the malware (Federal Bureau of Investigation, 2019).

The infection got started by controlling the Microsoft Word software of its targets.

Afterward, it took over its Microsoft Outlook email service and utilized a script to send data to
 3

the initial Fifty recipients on their contact list. Users were enticed to download a virus-filled file

by those mails (Federal Bureau of Investigation, 2019). The provided file really held a Visual

Basic program rather than a collection of credentials for internet sites that allowed subscriptions.

The malicious document was transferred by the program into a Word template file that has de

facto functions and customized configurations. Whenever the file is accessed, the malicious file

is read into system memory (Federal Bureau of Investigation, 2019).

The virus caused a plethora of damage while not being designed to defraud or

harvest data. Upwards of 300 businesses and governmental organizations throughout the world

had to temporarily close all of their email servers due to excessive traffic. Over a million email

accounts were affected, and in certain places, Electronic communications came to a standstill

(Federal Bureau of Investigation, 2019). Whereas it necessitated a significant period to

completely eradicate the viruses, information security specialists had generally stopped the

virus's propagation and re-established the operation of their infrastructure in a matter of days.

The FBI's advisories regarding the infectious agent and its ramifications, together with its

investigations, helped to raise public awareness and lessen the attack's catastrophic

repercussions. Nevertheless, the cumulative harm was substantial (Federal Bureau of

Investigation, 2019).

The Laws that Pertain to the Case

A federal jail term of twenty months was imposed on the New Jersey man convicted of

releasing the computer virus. His name was David L. Smith, and he resided in Monmouth

County's Aberdeen Township (U.S. Department of Justice, 2002). He admitted admission to

computer-related charges in state and federal court before the end of the year. He acknowledged

using his personal laptop in Aberdeen Township to transmit the deadly malware throughout
 4

North America (U.S. Department of Justice, 2002). He was 34 years old when he received his

sentence. Coordinated state and federal investigations led to the prosecutions. The court ordered

Smith to pay a five thousand dollar fine (U.S. Department of Justice, 2002). Following the end

of his term of imprisonment, he was obligated to complete three years of supervised probation.

The jury also mandated that Smith refrains from using network infrastructure, the World wide

web, or Online bulletin boards after being released (U.S. Department of Justice, 2002).

What I Could Have Done

I would implement a comprehensive training program within my organization to educate

my staff on how to recognize and prevent social engineering, email-based malware assaults, and

many other contemporary cybercrimes or malicious activity. At the very least, I would have

procedures in place for my staff members to follow regarding online accounts, acceptable

internet usage, and data processing. In addition, I would undertake a risk assessment of my

business to detect any possible risks or weaknesses. I would then develop a clean-up strategy to

start bringing the infection risks down to a manageable level. Finally, I would do hacking tests

on my staff at least once every month on average.

 5

References

Federal Bureau of Investigation. (2019, March 25). The Melissa Virus. Retrieved September 12, 2022,

from https://www.fbi.gov/news/stories/melissa-virus-20th-anniversary-032519

U.S. Department of Justice. (2002, May 1). Creator of Melissa Computer Virus Sentenced to 20 Months

in Federal Prison (May 1, 2002). Retrieved September 12, 2022, from

https://www.justice.gov/archive/criminal/cybercrime/press-releases/2002/melissaSent.htm