Facebook Twitter

‘Code Red’ Web worm sparks a warning

SHARE ‘Code Red’ Web worm sparks a warning

WASHINGTON — In an unprecedented show of force against an extremely virulent Internet attack, government and private officials will implore worldwide organizations today to protect themselves from the "Code Red" worm.

Representatives from the White House, FBI, Microsoft and others have decided to take the step in the face of one of the largest-ever dangers to the Internet. The worm, similar to a virus, could cause widespread slowdowns and sporadic outages.

"The Internet has become indispensable to our national security and economic well-being," said Ron Dick, head of the National Infrastructure Protection Center, an arm of the FBI. "Worms like Code Red pose a distinct threat to the Internet."

Along with posting various warnings on their Web sites, government officials and representatives from Microsoft were holding a news conference Monday afternoon to publicize their efforts.

The government routinely works with private companies to issue warnings about new hack attacks and viruses, but never before have they made such a high-profile stand.

While the actual infection rate is unknown, it is believed to be in the hundreds of thousands of Internet-connected computers. In just the first nine hours of its July 19 outbreak, it infected more than 250,000 systems.

The officials are frustrated that even though a software inoculation was made available over a month before the worm's first attack, many computers are still defenseless. The patch, which will protect computers, can be found on Microsoft's Web site.

The worm defaces Web sites with the words "Hacked by Chinese." While it doesn't destroy data, it could be modified to do so. At least two mutations have already been found.

Code Red exploits a flaw discovered in June in Microsoft's Internet Information Services software used on Internet servers. It is found in Windows' NT and 2000 operating systems.

Only computers set to use English will have their Web pages defaced. From the first through the 19th of every month, the worm spreads. From the 20th on, it attacks the White House Web site, trying to knock it offline.

The White House took precautions against it, changing its numerical Internet address to dodge the attack.

Even though the target has moved, the infected computers will still launch their attack. This, officials said, could slow down the Internet causing sporadic but widespread outages.

Last week, the Pentagon was forced to shut down public access to all of its Web sites temporarily to purge and protect them from the Code Red worm.

Because Code Red spread so quickly, security companies have not been able to figure out who wrote and released it.

Code Red also can damage smaller networks by affecting a certain type of Internet routers, made by Cisco Systems, used for data traffic control.

Steve Lipner, head of Microsoft's security response center, said the company is looking for new ways to distributing patches more efficiently.

The government relies on Microsoft and other technology companies to secure everything from defense networks to financial systems.

"The protection of the Internet requires a partnership with the government, private companies and the public as a whole," NIPC's Dick said.

On the Net:

National Infrastructure Protection Center: www.nipc.gov

Microsoft Security Patch: www.microsoft.com/technet/security/bulletin/MS01-033.asp

Code Red technical data: www.digitalisland.net/coderedalert