Lessons from worm week: new Internet attacks require constant vigilance.In August, students, teachers and administrators in Florida's Duval County Duval County may mean:
tr.v. dev·as·tat·ed, dev·as·tat·ing, dev·as·tates 1. To lay waste; destroy. 2. To overwhelm; confound; stun: was devastated by the rude remark. new Internet-borne worm called Blaster struck the network. Blaster-infested machines reboot To reload the operating system, which restarts the computer. See boot. (operating system) reboot - (From boot) A boot with the implication that the computer has not been down for long, or that the boot is a bounce intended to clear some state of wedgitude. See warm boot. repeatedly every few minutes, slow significantly or become unresponsive. The worm can also install a hidden program so that infected computers can be controlled remotely at a later date. The district was a casualty in a concentrated series of worldwide attacks that became known as "worm week." And, shine the district boasts one of the largest computer networks in the state--with more than 70,000 connected devices--it took several days to fix the problem. Worms are far more insidious than online viruses transmitted as e-mail attachments or piggybacked on infected disks. They rely less or not at all on humans to spread. Worms exploit security holes in computer software, such as operating systems Operating systems can be categorized by technology, ownership, licensing, working state, usage, and by many other characteristics. In practice, many of these groupings may overlap. , and rapidly infect other machines through local networks and the Internet. Since conventional anti-virus measures do not work, the only protection is to download patch updates to correct flaws before new worms arrive. Multiple Challenges Blaster spread to more than one million computers by September, and shot right past firewalls and anti-virus software anti-virus software n → Antivirensoftware f of machines with Microsoft Windows See Windows. (operating system) Microsoft Windows - Microsoft's proprietary window system and user interface software released in 1985 to run on top of MS-DOS. Widely criticised for being too slow (hence "Windoze", "Microsloth Windows") on the machines available then. NT 4.0, Windows 2000, Windows XP The previous client version of Windows. XP was a major upgrade to the client version of Windows 2000 with numerous changes to the user interface. XP improved support for gaming, digital photography, instant messaging, wireless networking and sharing connections to the Internet. or Windows Serve 2003. The worm also directed infected machines to bombard bom·bard tr.v. bom·bard·ed, bom·bard·ing, bom·bards 1. To attack with bombs, shells, or missiles. 2. To assail persistently, as with requests. See Synonyms at attack, barrage2. 3. Microsoft's site for updating Windows, to prevent users from downloading needed patches. And adding insult to injury, malicious e-mail circulated that supposedly carded patches, but were actually viruses. (Microsoft does not transmit software updates by e-mail.) The impact of worm week was Mt even more keenly because it overlapped with unrelated global attacks by versions of SoBig, the fastest spreading e-mail virus A virus that comes within an attached file in an e-mail message. When that file is opened, the virus does its damage. Macro viruses can come in Microsoft Word documents that are sent as e-mail attachments. ever. The virus arrived in system-dogging barrages of messages with subject lines including "Wicked Screensaver" and "Your Application." When unleashed, it installed Trojan horse See Trojan. Trojan Horse hollow horse concealed soldiers, enabling them to enter and capture Troy. [Gk. Myth.: Iliad] See : Deceit (application, security) Trojan horse programs directing victims' computers to spew spam messages and virus copies to random e-marl addresses taken from user address books. Since the spam was mailed out trader random addresses, too, countless people received alarming notices that their machines had transmitted viruses, even when it was untrue. At its peak, SoBig infected 50 percent of the e-mail traveling across the Internet. Worm-Proofing Although no one could predict the severity of the worm attack, experts had warned about the Windows flaws weeks earlier, and Microsoft announced the availability of a critical patch on July 16. However, legions of users were unaware of the directive, or chose to ignore it, so worm week became a reality. Windows users should therefore update virus protection weekly, visit the Microsoft Web site regularly to download critical updates, and set up firewalls to help stop new intruders. More than 65,000 viruses have rolled across the Internet, causing an estimated $65 billion in damages, and dangerous new forum such as SoBig and the Blaster worm will continue to be developed. The tools to create more worms are readily available on an estimated 30,000 Web sites. While Duval County school Superintendent John C. Fryer Jr. credited his talented team of students for designing the district's Web portal, ironically, a high school student in Minnesota contributed to the attacks by adapting and launching a version of Blaster that infected 7,000 machines. He faces a $250,000 fine and up to 10 years in prison. The lessons of worm week should push you to reevaluate your security and priorities. Fighting worms and viruses begins at home. Web Resources * Duval County Public Schools www.educationcentral.org * Microsoft Windows Update windowsupdate.microsoft.com * What You Should Know About the Blaster Worm www.microsoft.com/security/ incident/blast.asp * Symantec Security Response securityresponse.symantec.com Odvard Egil Dyrli is senior editor and emeritus professor of education at the University of Connecticut The University of Connecticut is the State of Connecticut's land-grant university. It was founded in 1881 and serves more than 27,000 students on its six campuses, including more than 9,000 graduate students in multiple programs. UConn's main campus is in Storrs, Connecticut. . |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion