Sarah Left 

Web prepared for Code Red return

The Code Red computer worm - considered so threatening that it prompted an unprecedented joint warning from the FBI and Microsoft last month - is set to renew its attack on Monday, but this time the FBI has downgraded its potential for damage.
  
  


The Code Red computer worm - considered so threatening that it prompted an unprecedented joint warning from the FBI and Microsoft last month - is set to renew its attack on Monday, but this time the FBI has downgraded its potential for damage.

The worm has infected hundreds of thousands of computers by exploiting a flaw in a Microsoft internet software program used mainly by businesses.

The worm spreads during the first half of a month, then launches a denial-of-service attack - last month directed at the White House website - in the second half.

The FBI feared that the resulting internet traffic could slow the world wide web to a crawl.

In last month's warning, the FBI urged businesses to download software from Microsoft's website that corrects the fault and renders computers invulnerable to Code Red.

Yesterday FBI officials said in a statement: "Because of the rapid response from the public, industry and infrastructure providers to mitigate the potential for damage from this worm, the threat posed by the upcoming attack is significantly reduced."

However, over the last month it appears many businesses - ironically including Microsoft itself - did not heed the warning.

Some of Microsoft's Hotmail servers were infected by Code Red, and there were reports of infections at companies such as FedEx and the Press Association.

Keynote Systems, a company that monitors the performance of the internet, said the net slowed by only about 15% the last time the worm attacked on July 20, and much of that disruption was caused by a train crash in Baltimore that cut cabling to a major ISP.

The overall response to the warning has been good enough to give the FBI confidence that when Code Red begins to flood servers with requests on Monday, it will have far fewer servers on its side.

Any companies running Windows NT or Windows 2000 who have not installed the Microsoft IIS patch can download it for free on Microsoft's web site.

Related articles

06.08.2001: New warning over computer worm

01.08.2001: Code Red fails to cause internet meltdown

31.07.2001, Comment: Code Red meltdown? Don't bet on it

Explained
Code Red worm

Useful links

Vmyths on Code Red

US National infrastructure protection centre

 

Leave a Comment

Required fields are marked *

*

CAPTCHA

*