The US Government, the FBI and several internet security
organisations have issued an unprecedented public warning about the
threat posed by the Code Red worm. A worm is a form of virus that
self-replicates, without actually altering files. The Code Red
worm, so called because it is thought to have originated in China,
is designed to flood computer networks with data. Security experts
warn that it has the potential to considerably slow down the
operation of the internet.
The worm was first identified in early July but has been lying
dormant since its initial attack on 19th July. It is expected to
resurface on 1st August in a more aggressive form, although it is
not likely to cause any actual harm to files or hardware. At a
press conference held yesterday, Director of the FBI National
Infrastructure Protection Center (NPIC) Ronald Dick said:
“There is reason for concern that mass
traffic associated with the worm’s propagation could degrade the
overall functioning of the internet and impact ordinary users.”
Earlier this month the US government White House web site was
targeted by the worm in an attempt to so overwhelm it with data
that it would be forced to shut down. That denial of service attack
was defended by changing the location of the web site to another IP
(Internet Protocol) address.
However, it is not yet known whether the new variant of the worm
will be able to detect such a change and adapt its attack
accordingly. Another attack is programmed to be launched from
infected computers on 19th August, although security experts do not
appear to know which web sites will be victimised this time.
The worm takes advantage of a security hole present in systems
operating Windows NT, Windows 2000 or Microsoft’s Internet
Information Server (IIS) software and the company has produced a
patch to rectify this vulnerability. If a computer is infected then
it may be cured by rebooting the machine.
