Worm turns - and infects 150,000 servers
The virus-like ‘‘Code Red’’ worm managed to infect computers around the world - although the outbreak was not as severe as predicted.
‘‘We’re still watchful, but for the first time, we’re hopeful as well,’’ Alan Paller, research director at the SANS Institute, a computer security think tank working with the US Government to monitor the internet, said.
Nearly 150,000 Internet-connected computers running Microsoft’s NT or Windows 2000 operating system had been infected by Code Red by last night, according to SANS data.
Although the rate of infection doubled each hour early on, the rate of increase gradually abated.
The Pentagon had to shut down public access to many US Defence Department websites again, a week after it shut down most military sites to protect against Code Red.
‘‘These prudent measures are being taken to ensure DOD networks remain protected and available for use,’’ the Pentagon said in a statement.
Government officials were still cautious, but noted the decline in the infection rate.
‘‘At this point, it is still too soon to say for certain whether this pattern will continue,’’ said a joint statement by the FBI, White House and other officials. ‘‘We remain vigilant in monitoring this situation.’’
Unlike a computer virus, which needs a person to help it spread, a worm infects other computers on its own. It does not affect most home computers.
Officials worried that the outbreak would be as crippling as Code Red’s first appearance on July 19, in which more than 250,000 systems were infected in its first nine hours.
As a result, there were widespread slowdowns and crashes across the internet.
This time, after Code Red launched at midnight yesterday, the worm has had a much lower infection rate.
German, French and British officials reported that Code Red’s impact was minimal.
But foreign and American computer experts continued to warn that computer users should still download a software patch from Microsoft to inoculate their systems from the worm.
Website administrators running Microsoft Windows NT and 2000 operating systems, along with the Internet Information Services software, are vulnerable unless the patch is installed. Users running Windows 95, 98 or Me are not affected.
Experts worried that newly discovered versions of the worm can be reprogrammed to launch crippling attacks on any website. They also warn that the danger is far from over.
Code Red is programmed to keep trying to infect computers until the 19th of the month. After that it goes into attack mode, sending junk data to the White House’s website.
Even though the White House moved its numerical internet address last month to dodge the first outbreak, the attack may have the unintended affect of clogging up the internet causing slowdowns.
This is similar to millions of phone calls to a wrong number not affecting the intended recipient, but the calls themselves still jamming phone lines for everyone else.
FBI officials said more than a million people had downloaded the patch from Microsoft, although it was impossible to guess how many computers have actually been fixed.
Experts’ predictions ranged from the infection of a million or more computers and a massive internet slowdown to little effect.
The Government took few chances, pressing to get as many website operators as possible to inoculate their systems before the attack.
Code Red is the most infamous computer worm since the first worm, created in 1988, which took down most of the fledgling internet.
Owners of infected computers can turn their computers off and on again to clear out the worm, but they still need to install Microsoft’s patch to keep from being reinfected.
