
Virus writers get wiser, users still clueless

By Jason Norwood-Young, Contributor
Johannesburg, 01 Aug 2001

The last two weeks have seen Internet chaos due to two fast-spreading worms - SirCam and Code Red. This scourge highlights the fact that users and administrators are still clueless when it comes to basic principles. Another disturbing trend is that these viruses are becoming more intelligent and dangerous.

Code Red literally brought the Internet to its knees for a day. Its massive spread caused ISPs' loads to reach denial of service levels, while their Web servers were not only trashed, but also used to propagate the attack to other networks.

If the Code Red worm had not been reverse engineered, it would have launched a massive DoS attack aimed at the White House. This baby was not only bad - it was cleverly written. Many did not realise that they were infected until the worm had already used their machines to propagate itself elsewhere.

Systems administrators who let this happen should be flayed. Their job is to keep their systems secure. There was a patch out from Microsoft that would have stopped Code Red in its tracks, had it been installed on most servers. The successful Code Red run shows that this was not the case. I would like to know what all these techies are paid for if not to ensure the success of their various Web sites. Having the Internet take such a knock - not only physically, but also in its reputation - does nothing for the industry.

In memory of Melissa

Users should know by now that you do not open attachments from an unreliable source. In fact, just don't open attachments.

Jason Norwood-Young, technology editor, ITWeb

Shortly after the server attack, another virus proved that we have not come very far since the days of Melissa. The SirCam worm is still happily sending out mails from various PCs containing documents that should have the utmost protection.

ITWeb is still receiving a flood of SirCam posts. On Monday, I received one from Bell South in the States.

Users should know by now that you do not open attachments from an unreliable source. In fact, just don't open attachments. SirCam was not a great example of social engineering. "Hi! How are you?" is not a line that inspires one to check out the obviously unsafe attachment, yet users still naively opened it.

SirCam is a little smarter than previous worms. It doesn't do the usual address book grab - it also looks through cached Web pages and finds e-mail addresses - hence ITWeb's popularity as a SirCam recipient. Both SirCam and Code Red demonstrated a little more intelligence than the average worm out there.

I take my hat off to both virus writers - particularly the Code Red author for a very nifty piece of code. If the trend continues, we will see smarter, more insidious worms creeping through the network, potentially causing significantly more damage and becoming harder to stop.

Unless user education and, sadly, administrator education significantly improves soon, the next spate of viruses could do a lot more damage than SirCam and Code Red put together.
