News
News
8/3/2001
07:32 AM
Connect Directly
RSS
E-Mail
50%
50%

Code Red: Are You Ready For The Next Attack?

Experts wonder if new versions of the worm will target critical parts of infrastructure

The first wave of the Code Red worm infected more than 350,000 servers on the Internet last month and cost more than $1 billion for companies around the world to clean up the mess. The second wave of Code Red infected more than 250,000 servers last week, with the cleanup costs still to be calculated. Security experts are wondering what's next.

Many were surprised the worm didn't do more damage. Both versions are designed to deface some Web sites and launch a distributed denial-of-service attack on the White House Web site, which easily dodged the first attack by changing its Internet address. "It's peculiar to me that this worm seemed so well-written on one hand, yet had such an ineffectual payload," says Frank Prince, a security analyst with Forrester Research. More dangerous versions of the worm may be on their way, he says.

Also concerned is Chris Rouland, director of Internet Security Systems Inc.'s research arm, X-Force. He says the two versions of Code Red may be a "beta test for information warfare," and IT managers need to prepare for more damaging versions. "If new variants target more critical parts of the infrastructure, we'll be seeing a lot more trouble," he says.

Code Red is just the latest in what are a growing number of viruses and worms that attack servers and Web sites. The worm exploits a vulnerability in the 6 million Windows servers that run Microsoft's Internet Information Services software and uses those servers to launch an attack. Many security experts warned that Code Red could create so much traffic that the Internet could slow down. The threat was taken so seriously that the FBI's National Infrastructure Protection Center called an unprecedented press conference to warn businesses to download and install a free software patch to cure infected servers and eliminate the vulnerability.

The second version of the worm is poised to attempt another attack Aug. 20 on whitehouse.gov, but few expect it to have much impact. "The White House and Internet service providers have all prepared themselves for that attack," says Pete Lindstrom, a security analyst with Hurwitz Group, "and nothing of significance should happen."

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A UBM Tech Radio episode on the changing economics of Flash storage used in data tiering -- sponsored by Dell.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.