Experts wonder if new versions of the worm will target critical parts of infrastructure
The first wave of the Code Red worm infected more than 350,000 servers on the Internet last month and cost more than $1 billion for companies around the world to clean up the mess. The second wave of Code Red infected more than 250,000 servers last week, with the cleanup costs still to be calculated. Security experts are wondering what's next.
Many were surprised the worm didn't do more damage. Both versions are designed to deface some Web sites and launch a distributed denial-of-service attack on the White House Web site, which easily dodged the first attack by changing its Internet address. "It's peculiar to me that this worm seemed so well-written on one hand, yet had such an ineffectual payload," says Frank Prince, a security analyst with Forrester Research. More dangerous versions of the worm may be on their way, he says.
Also concerned is Chris Rouland, director of Internet Security Systems Inc.'s research arm, X-Force. He says the two versions of Code Red may be a "beta test for information warfare," and IT managers need to prepare for more damaging versions. "If new variants target more critical parts of the infrastructure, we'll be seeing a lot more trouble," he says.
Code Red is just the latest in what are a growing number of viruses and worms that attack servers and Web sites. The worm exploits a vulnerability in the 6 million Windows servers that run Microsoft's Internet Information Services software and uses those servers to launch an attack. Many security experts warned that Code Red could create so much traffic that the Internet could slow down. The threat was taken so seriously that the FBI's National Infrastructure Protection Center called an unprecedented press conference to warn businesses to download and install a free software patch to cure infected servers and eliminate the vulnerability.
The second version of the worm is poised to attempt another attack Aug. 20 on whitehouse.gov, but few expect it to have much impact. "The White House and Internet service providers have all prepared themselves for that attack," says Pete Lindstrom, a security analyst with Hurwitz Group, "and nothing of significance should happen."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.