Overseas media reports of a large-scale Internet site attack by a mysterious virus have left local computer security experts puzzled.
US news organisation CNN.com reported yesterday that the US Department of Homeland Security, the government agency tasked with monitoring threats to US computer infrastructure, had issued a warning of a large-scale Internet attack against thousands of popular Web sites. It said the virus-like infection tried to implant hacker software onto the computers of all Web site visitors.
According to the report, the mysterious infection appeared to target at least one recent version of Microsoft`s Internet Information Server (IIS) software.
News of a computer virus, worm or some kind of Internet threat usually sends off alarm bells around the world because of the speed that computer networks can be affected and important data compromised.
US news publication The Inquirer also posted the story on its Web site yesterday. It reported that the US government warned that a big Internet attack against thousands of Web sites was under way.
"The Homeland Security people said the worm affected the IIS, but the report, as a whole, is puzzling," the article said.
The Inquirer contacted security software firm Secunia to see what it made of this warning. According to Thomas Kristensen, CTO of Secunia, the vulnerability described by Homeland Security is the unpatched Internet Explorer bug, which has been reported in the past.
As far as the IIS vulnerability is concerned, Secunia thinks it may be a Trojan for which patches are available.
Other Web site news reports indicate that attacks have taken place, with CNET News.com reporting that security researchers believe online organised crime groups are breaking into Web servers, surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed.
The original US government warning can be found here.
South African computer security experts have no idea what to make of these various reports.
Ryan Price, MD of Y3K, says he has received no notification of any Internet security threat.
"The last one was that of a worm earlier this week, which was classified as a level three alert and so not considered to be very serious," he says.
Brett Myroff, CEO of Sophos distributor Netxactics, says he has received no alerts either and while he has heard of something, it was not considered serious.
"We have seen no increase in Internet threat activity and this whole situation is really strange."
Share