Business

US institutions put on red alert as computer virus hits

"Virtual war" takes on a new meaning this evening when the enemy known as "Code Red" launches all-out attacks on government and…

By CONOR O'CLERY
Tue Jul 31 2001 - 01:00

"Virtual war" takes on a new meaning this evening when the enemy known as "Code Red" launches all-out attacks on government and private institutions in the United States.

Code Red is a worm-like computer virus which US officials describe as one of the biggest dangers to the internet. It could cause widespread slowdowns and sporadic outages, warned representatives from the White House, the Federal Bureau of Investigation and Microsoft in an unprecedented joint appeal yesterday for public and personal vigilance.

Code Red first struck in the US on July 19th when it attacked the White House website, though that assault was repulsed when the White House changed its numerical internet address. Last week, the Pentagon was forced temporarily to shut down public access to its websites while it purged its system and installed software inoculation to protect military communications.

Code Red is believed to have infected 250,000 systems in the first nine hours of the July 19th outbreak. The worm has lain dormant but will start spreading again at 8 p.m. Eastern Standard Time today (1 a.m. Irish time tomorrow), according to the Computer Emergency Response Team (CERT) at Carnegie Mellon University.

READ MORE

Code Red defaces English language websites with the words "HELLO! Welcome to http://www.worm.com! Hacked by Chinese!"

After a Chinese pilot was killed in a skirmish with a US spy plane on April 1st, Chinese hackers threatened a "cyberwar" against the US. Even before the incident, the FBI's National Infrastructure Protection Centre warned that Chinese hackers would attack US websites to mark the anniversary of the 1999 American bombing of the Chinese embassy in Belgrade on May 7th.

"This spread has the potential to disrupt business and personal use of the internet for applications such as electronic commerce, e-mail and entertainment," warned CERT. "Because the worm propagates very quickly, it is likely that nearly all vulnerable systems will be compromised by August 2nd."

While it does not destroy data, Code Red could be modified to do so. At least two mutations have already been found. It works by sending a torrent of electronic data to websites and it can also assume control of computers by overriding security features on local networks.

Code Red exploits a flaw discovered in June in Microsoft's Internet Information Services software used on internet servers. It is found in Windows' NT and 2000 operating systems. The worm was first detected on July 14th by Mr Brian Dunphy, a network monitoring expert at the security firm Riptech, after customers reported problems.

Officials say a software inoculation is available from Microsoft's website but many computers are still defenceless.

Business Today

Business Today

Get the latest business news and commentary from our expert business team in your inbox every weekday morning