CODE RED - Continues to disrupt

greenspun.com : LUSENET : Current News : One Thread

Code Red continues to disrupt Net Microsoft, AP, Qwest and AT&T among those affected

MSNBC STAFF AND WIRE REPORTS

Aug. 9 — While the spread of the Code Red computer worm has slowed, it continues to cause problems for Internet users. The worm has infected some of Microsoft’s computers, disrupted some Associated Press services and slowed down high-speed Internet access for AT&T and Qwest customers. MICROSOFT, whose software has the vulnerability that lets the Code Red worms attack, has itself been a victim. The company confirmed Wednesday that some computers running Hotmail — the software giant’s free e-mail service — were infected by one of the worms.

The worm disrupted some Associated Press services delivered by the Internet on Wednesday.

The AP outage did not affect transmission of AP’s main news and photo services, which are delivered by satellite.

The worm is a program that scans rapidly for vulnerable computers to infect and overload. It can also quickly affect computers linked to a computer it initially targets.

Telecommunications company Qwest reported spotty outages for users of its high-speed Internet service nationwide. A Qwest spokesman said modems made by Cisco Systems were at fault. The Code Red worms can affect some Cisco hardware.

Home cable modem systems in Virginia and New York have also had slow or no service this week due to the worm.

Hundreds of thousands of computers have been infected by Code Red. The original Code Red worm, which appeared last month, infected about 250,000 computers at its peak.

The latest version of Code Red also leaves a “backdoor” open that a hacker can use to take over the infected computer. It began spreading over the weekend and has rendered about 400,000 computers completely defenseless to attacks by computer intruders, according to Elias Levy, spokesperson for SecurityFocus.com. The worm delayed updates of The WIRE, the AP’s news Web site. It also affected a photo service used by smaller newspapers and several specialized sites, including sites for graphics and census information. The disruptions began at about 4 a.m. EDT. Most services were restored by early afternoon.

John Reid, AP’s director of communications and technology, said all the infected computers had been “scrubbed” and were being checked to make certain they were secure. About 60 AP servers running Microsoft operating systems were infected, he said.

Both versions of the Code Red worm attack only computers running Microsoft Windows NT or 2000 operating systems, with Internet Information Services installed.

To keep the spread of the Code Red worms from blocking access to Web servers that residential customers are running, a spokeswoman said on Wednesday.

“We are trying to protect our greater user population as a whole,” said AT&T spokeswoman Sarah Eder. The company provides cable Internet access to 1.35 million residential customers, she said. slowing down its cable Internet network, AT&T Corp. is blocking access to Web servers that residential customers are running, a spokeswoman said on Wednesday.

“We are trying to protect our greater user population as a whole,” said AT&T spokeswoman Sarah Eder. The company provides cable Internet access to 1.35 million residential customers, she said.

The new Code Red also spreads more quickly, looking for computers in close proximity or the same network to infect rather than random computers on the Internet, like the earlier version does. This scanning of the local neighborhoods is slowing down cable modem networks, where subscribers share bandwidth.

-- Anonymous, August 09, 2001


Moderation questions? read the FAQ