"Code Red" virus expected back next week

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread

Computer virus will reinfect networks By PAMELA HESS WASHINGTON, July 27 (UPI) -- Computer security experts on Friday warned that the "Code Red" virus that forced the Pentagon to block public access to its Web sites will reawaken next Wednesday and begin attacking tens of thousands of computers.

The Computer Emergency Response Team at Carnegie Mellon University said the virus spreads rapidly. It infected more than 250,000 computers in nine hours on July 19.


"Because the worm propagates very quickly, it is likely that nearly all vulnerable systems will be compromised by Aug. 2, 2001," the CERT said.

The virus is programmed to replicate itself for 19 days, in some cases defacing hosts' Web sites, and then to flood a single Web server -- the White House's -- with messages, clogging all its lines.

The White House changed its Internet protocol address last month to foil the bug, but Carnegie Mellon warns the real problem is posed during the infection stage. The virus, or worm, automatically scans computers over Internet lines for a particular software vulnerability that would allow it to take up residence. That scanning threatens to overwhelm Internet lines.

The CERT also warned that in some cases, Code Red can assume control of computers by overriding security features on local networks.

"This level of privilege effectively gives an attacker complete control of the infected system," the CERT stated Friday in a warning advisory.

The Pentagon shut down nearly all of its public Web sites on July 20 for five days while network administrators worked to patch the software vulnerability that allowed Code Red into a number of military computers. The worm hit U.S. European Command particularly hard, according to military sources.

The CERT issued a warning on June 19 about the software vulnerability resident in some Microsoft systems. A day later the military issued an alert to patch the problem, giving administrators 30 days to do so, a defense official told United Press International. However, the Code Red virus had completed its attack the day before that deadline was met.

The military has nearly 10,000 networks and 2.5 million computers. Last year around 1,000 computer security advisories were issued; the military issued about 10 "alerts" with 30-day repair deadlines off that list.

"It's a case of risk assessment. With so many computers we can't respond to every advisory," the official told UPI.

-- Martin Thompson (mthom1927@aol.com), July 29, 2001


I'm sure glad I've got Web TV, rather than a conventional PC. This way I don't have to worry about viruses at all. That's up to Microsoft and Sony.

-- Wayward (wayward@webtv.net), July 29, 2001.

Moderation questions? read the FAQ