W A S H I N G T O N, July 20, 2001 -- The White House Web site dodged an Internet
bullet Thursday, using some technical sleight of hand to sidestep a
computer virus dubbed "Code Red," security experts said.
The virus has infected more than 225,000 computer systems around the world, defacing many Web sites with the message "Hacked By Chinese," experts said. Despite the message, the origin of the virus is unknown.
The ultimate goal of the virus, known as a "worm," is to gather strength by infecting more computers and then have them all attack a numerical Internet address that represents the White House Web site. The assault, which was set to go off Thursday at 8 p.m. EDT, is a denial of service attack, designed to hamper or shut down a computer system by flooding it with huge amounts of data.
Whitehouse.gov Prepared for Possible Attack
The White House apparently shifted its Web site to a different numerical address to avoid the attack, said Stephen Trilling, director of research at Symantec Corp. of Cupertino, Calif., a computer security company.
White House spokeswoman Jeanie Mamo would say only that the White House had "taken preventative measures aimed at minimizing any impact from the computer virus known as the Code Red worm."
The FBI's National Infrastructure Protection Center issued a warning late Thursday, calling the virus a significant threat that could "degrade services running on the Internet."
The CERT Coordination Center, the government-funded computer emergency response team at Carnegie Mellon University, said at least 225,000 computers were infected.
Flaw in Microsoft Software Exploited by Virus
Code Red exploits a flaw discovered last month in Microsoft software used on Internet servers. While a software patch was made available to correct the flaw, not everyone has made use of it, Trilling said.
Specifically, vulnerable computers are those running the server software on Microsoft Windows NT 4.0 or Windows 2000.
Since the virus targets servers, mostly used by businesses, few individual computer users were affected.
Computer security companies were posting advisories on how to deal with the virus late Thursday.
The Associated Press also learned that some of their servers had been infected by the "Code Red" virus.