'Code Red' Virus Aims at Whitehouse.gov

ByABC News
July 20, 2001, 12:19 AM

W A S H I N G T O N, July 20 -- The White House Web site dodged an Internet bullet Thursday, using some technical sleight of hand to sidestep a computer virus dubbed "Code Red," security experts said.

The virus has infected more than 225,000 computer systems aroundthe world, defacing many Web sites with the message "Hacked ByChinese," experts said. Despite the message, the origin of thevirus is unknown.

The ultimate goal of the virus, known as a "worm," is togather strength by infecting more computers and then have them allattack a numerical Internet address that represents the White HouseWeb site. The assault, which was set to go off Thursday at 8 p.m.EDT, is a denial of service attack, designed to hamper or shut downa computer system by flooding it with huge amounts of data.

Whitehouse.gov Prepared for Possible Attack

The White House apparently shifted its Web site to a differentnumerical address to avoid the attack, said Stephen Trilling,director of research at Symantec Corp. of Cupertino, Calif., acomputer security company.

White House spokeswoman Jeanie Mamo would say only that theWhite House had "taken preventative measures aimed at minimizingany impact from the computer virus known as the Code Red worm."

The FBI's National Infrastructure Protection Center issued awarning late Thursday, calling the virus a significant threat thatcould "degrade services running on the Internet."

The CERT Coordination Center, the government-funded computeremergency response team at Carnegie Mellon University, said atleast 225,000 computers were infected.

Flaw in Microsoft Software Exploited by Virus

Code Red exploits a flaw discovered last month in Microsoftsoftware used on Internet servers. While a software patch was madeavailable to correct the flaw, not everyone has made use of it,Trilling said.

Specifically, vulnerable computers are those running the serversoftware on Microsoft Windows NT 4.0 or Windows 2000.

Since the virus targets servers, mostly used by businesses, fewindividual computer users were affected.