WASHINGTON (AP) – Government and private security officials made a last-ditch effort Tuesday to persuade Internet site operators on Kaua’i and across the globe to inoculate their computers against the predicted return of the viruslike “Code Red” worm. The worm,
WASHINGTON (AP) – Government and private security officials made a last-ditch effort Tuesday to persuade Internet site operators on Kaua’i and across the globe to inoculate their computers against the predicted return of the viruslike “Code Red” worm.
The worm, scheduled to go active again at 2 p.m. HST Tuesday, can spread quickly without human intervention on unprotected Internet computer servers and threatened to slow down Web traffic. It does not affect most home computers.
The malicious program can only be stopped if enough Web site operators install Microsoft’s software patch, which plugs the security hole the worm uses to attack.
Experts’ predictions ranged from the infection of a million or more computers and a massive Internet slowdown to little effect. The government took few chances, pressing to get as many Web site operators as possible to inoculate their systems before the attack.
By midday Tuesday, a few infected computers with incorrectly set dates have already started trying to spread the worm, but there was no noticeable effect on the Internet’s health, experts said.
Officials warned that it could be a day or two before the effects of the latest attack are noticed, as the worm – or possible variants – take hold. They gave hundreds of interviews Monday and Tuesday to publicize the threat.
Code Red infected several hundred thousand computers during its first outbreak July 19. Russ Cooper, surgeon general for TruSecure Corp., said the new spread could reach half a million to a million computers within three days.
As a result, the infected computers would spew out more junk data than the Internet can handle, Cooper said, resulting in “a meltdown.”
“If it does slow down as I expect it will, then you won’t even be able to get to Microsoft’s site to install the patch,” Cooper said. “I expect that to happen.”
Code Red is the most famous computer worm since the first worm, created in 1988, which took down most of the fledgling Internet.
Other computer security experts are more measured in their predictions, saying that it will cause some troubles but that the onslaught of media coverage will prompt computer users to fix their systems.
David Perry, of antivirus program maker Trend Micro, likened the strident warnings from government officials and constant cable television news coverage to stockpiling for the Year 2000 conversion.
“I would suggest that because of Code Red, there’s no reason to go out and buy mass quantities of beef jerky,” Perry said.
Experts worry that newly discovered versions of the worm can be reprogrammed to launch crippling attacks on any Web site. “This thing is just way too easy to modify,” Cooper said.
The FBI is working with several countries to fight the worm’s spread. Investigators don’t yet know who wrote Code Red or where it started.
The fix has been downloaded “several hundred thousand” times, Microsoft security guru Scott Culp said, but he could not definitively say how many computers had actually been patched.
FBI spokeswoman Debbie Weierman said the government doesn’t know if all federal computers are protected, but a Pentagon spokesman said Tuesday that they believe Defense systems are safe. Last week, the Pentagon shut down public access to Web sites to purge the worm.
Web site administrators running Microsoft Windows NT and 2000 operating systems, along with the Internet Information Services software, should download the patch from Microsoft’s Web site. Home users running Windows 95, 98 or Me are not vulnerable.
On the Net:
National Infrastructure Protection Center: http://www.nipc.gov
Microsoft Security Patch: http://www.microsoft.com/technet/security/bulletin/MS01-033.asp
Code Red technical data: http://www.digitalisland.net/coderedalert
