Interesting People mailing list archives
IP: Officials Fight 'Code Red' Attack
From: David Farber <dave () farber net>
Date: Sun, 29 Jul 2001 21:58:35 -0400
Would be easier and better to have fought the problem when the software was designed. It is hard to retrofit security into existing systems.
Dave ps published in full due to severity of the problem
Officials Fight 'Code Red' Attack By THE ASSOCIATED PRESS Filed at 4:53 p.m. ET WASHINGTON (AP) -- In an unprecedented show of force against an extremely virulent Internet attack, government and private officials on Monday will implore worldwide organizations to protect themselves from the ``Code Red'' worm. Representatives from the White House, FBI, Microsoft (news/quote) and others have decided to take the step in the face of one of the largest ever dangers to the Internet. The worm, similar to a virus, could cause widespread slowdowns and sporadic outages. ``The Internet has become indispensible to our national security and economic well-being,'' said Ron Dick, head of the National Infrastructure Protection Center, an arm of the FBI. ``Worms like Code Red pose a distinct threat to the Internet.'' Along with posting various warnings on their Web sites, government officials and representatives from Microsoft were holding a news conference Monday afternoon to publicize their efforts. The government routinely works with private companies to issue warnings about new hack attacks and viruses, but never before have they made such a high-profile stand. While the actual infection rate is unknown, it is believed to be in the hundreds of thousands of Internet-connected computers. In just the first nine hours of its July 19 outbreak, it infected more than 250,000 systems. The officials are frustrated that even though a software inoculation was made available over a month before the worm's first attack, many computers are still defenseless. The patch, which will protect computers, can be found on Microsoft's Web site. The worm defaces Web sites with the words ``Hacked by Chinese.'' While it doesn't destroy data, it could be modified to do so. At least two mutations have already been found. Code Red exploits a flaw discovered in June in Microsoft's Internet Information Services software used on Internet servers. It is found in Windows' NT and 2000 operating systems. Only computers set to use the English language will have their Web pages defaced. From the first through the 19th of every month, the worm spreads. From the 20th on, it attacks the White House Web site, trying to knock it offline. The White House took precautions against it, changing its numerical Internet address to dodge the attack. Even though the target has moved, the infected computers will still launch their attack. This, officials said, could slow down the Internet causing sporadic but widespread outages. Last week, the Pentagon was forced to shut down public access to all of its Web sites temporarily to purge and protect them from the Code Red worm. Because Code Red spread so quickly, security companies have not been able to figure out who wrote and released it. Code Red also can damage smaller networks by affecting a certain type of Internet routers, made by Cisco Systems (news/quote), used for data traffic control. Steve Lipner, head of Microsoft's security response center, said the company is looking for new ways to distributing patches more efficiently. The government relies on Microsoft and other technology companies to secure everything from defense networks to financial systems. ``The protection of the Internet requires a partnership with the government, private companies and the public as a whole,'' NIPC's Dick said. ^------ On the Net: National Infrastructure Protection Center: http://www.nipc.gov Microsoft Security Patch: http://www.microsoft.com/technet/security/bulletin/MS01-033.asp Code Red technical data: http://www.digitalisland.net/coderedalert http://www.nytimes.com/aponline/technology/AP-Code-Red-Worm.html?ex=997466980&ei=1&en=445f11edd0b5530f /-----------------------------------------------------------------\ Visit NYTimes.com for complete access to the most authoritative news coverage on the Web, updated throughout the day. Become a member today! It's free! http://www.nytimes.com?eta \-----------------------------------------------------------------/ HOW TO ADVERTISE --------------------------------- For information on advertising in e-mail newsletters or other creative advertising opportunities with The New York Times on the Web, please contact Alyson Racer at alyson () nytimes com or visit our online media kit at http://www.nytimes.com/adinfo For general information about NYTimes.com, write tohelp () nytimes com.Copyright 2001 The New York Times Company
For archives see: http://www.interesting-people.org/
Current thread:
- IP: Officials Fight 'Code Red' Attack David Farber (Jul 29)