'Code Red' Continues to Spread

The Code Red computer worm has been rapidly tunneling its way around the globe today, but the FBI is hopeful that it will not cause extensive problems.

"Based on preliminary analysis, we expect a level of worm activity comparable to the July 19th Code Red infection, which resulted in infection of over 250,000 systems," says a statement released by the FBI's National Infrastructure Protection Center (NIPC) today. The statement adds that Code Red figures to "achieve that level of activity by this afternoon."

David Moore, a senior researcher at the Cooperative Association for Internet Data Analysis in San Diego estimated that nearly 130,000 computer systems around the world had been infected with the worm, as of 8 p.m. ET.

However, Moore said that the rate of infection slowed down as the day wore on.

"It actually seems to be reaching the part where it starts to level off," explains Moore "It does look like it's slowing down. And, it's getting close to infecting everyone who can be infected."

Chad Dougherty, an Internet security analyst at Carnegie Mellon University's CERT Coordination Center in Pittsburgh, said the rapid proliferation of Code Red this morning was because "The worm [was] in the first phase of its attack cycle."

Dougherty also says he is expecting "a level of worm activity comparable to the July 19th Code Red infection."

The White House Web site, the original target of the first Code Red attack last month, has been unaffected by the worm, and there have been relatively few reports of disturbances in Internet traffic due to Code Red.

"We have been monitoring it closely," White House spokesman Ari Fleischer told reporters earlier today. "At this time there has been no impact on the White House."

How to protect your computer from Code Red

First Surfaced July 19

The Code Red worm, which on July 19 first infiltrated thousands of computer systems carrying Microsoft's Windows 2000, Windows NT or Internet Information Server version 4.0 or 5.0, was programmed to attack government Web sites Tuesday evening.

For days before the scheduled attack, the NIPC, Microsoft and other government and private Internet security groups issued warnings to computer users about the worm, which is intended to create outages on major Web sites, slowing down Internet traffic in the process.

Computers using Microsoft's Windows 98 or Windows 95, or using Apple's operating systems, are not vulnerable to the worm.

Tuesday night, the FBI was pleased by the worm's almost negligible impact on the Internet, but remained guarded about its long-term effects.

"It will be some time before we can make any definite conclusions," said Ronald Dick, director of the NIPC, at a press conference Tuesday night. "The storm has not passed yet."

Officials have been urged computer owners to download a security patch from Microsoft's site intended to protect computers against Code Red. FBI officials said that more than a million people had downloaded the patch.

Still computer security experts warned that no one should breathe a sigh of relief just yet.

"There are pockets of this worm in the wild right now," says Jerry Freese, director of intelligence at Vigilinx, a digital security solutions provider in New Jersey monitoring Code Red. Freese points out that with an estimated eight million servers in operation worldwide, the majority of vulnerable machines in use have still not been protected against the worm.

On the 20th Day, Code Red Attacked

  • 1
  • |
  • 2
Join the Discussion
blog comments powered by Disqus
You Might Also Like...