Printer Friendly

Lessons from worm week: new Internet attacks require constant vigilance.

In August, students, teachers and administrators in Florida's Duval County Public Schools were told not to use their school computers because a devastating new Internet-borne worm called Blaster struck the network.

Blaster-infested machines reboot repeatedly every few minutes, slow significantly or become unresponsive. The worm can also install a hidden program so that infected computers can be controlled remotely at a later date. The district was a casualty in a concentrated series of worldwide attacks that became known as "worm week." And, shine the district boasts one of the largest computer networks in the state--with more than 70,000 connected devices--it took several days to fix the problem.

Worms are far more insidious than online viruses transmitted as e-mail attachments or piggybacked on infected disks. They rely less or not at all on humans to spread. Worms exploit security holes in computer software, such as operating systems, and rapidly infect other machines through local networks and the Internet. Since conventional anti-virus measures do not work, the only protection is to download patch updates to correct flaws before new worms arrive.

Multiple Challenges

Blaster spread to more than one million computers by September, and shot right past firewalls and anti-virus software of machines with Microsoft Windows NT 4.0, Windows 2000, Windows XP or Windows Serve 2003. The worm also directed infected machines to bombard Microsoft's site for updating Windows, to prevent users from downloading needed patches. And adding insult to injury, malicious e-mail circulated that supposedly carded patches, but were actually viruses. (Microsoft does not transmit software updates by e-mail.)

The impact of worm week was Mt even more keenly because it overlapped with unrelated global attacks by versions of SoBig, the fastest spreading e-mail virus ever. The virus arrived in system-dogging barrages of messages with subject lines including "Wicked Screensaver" and "Your Application." When unleashed, it installed Trojan horse programs directing victims' computers to spew spam messages and virus copies to random e-marl addresses taken from user address books. Since the spam was mailed out trader random addresses, too, countless people received alarming notices that their machines had transmitted viruses, even when it was untrue. At its peak, SoBig infected 50 percent of the e-mail traveling across the Internet.


Although no one could predict the severity of the worm attack, experts had warned about the Windows flaws weeks earlier, and Microsoft announced the availability of a critical patch on July 16. However, legions of users were unaware of the directive, or chose to ignore it, so worm week became a reality.

Windows users should therefore update virus protection weekly, visit the Microsoft Web site regularly to download critical updates, and set up firewalls to help stop new intruders. More than 65,000 viruses have rolled across the Internet, causing an estimated $65 billion in damages, and dangerous new forum such as SoBig and the Blaster worm will continue to be developed.

The tools to create more worms are readily available on an estimated 30,000 Web sites. While Duval County school Superintendent John C. Fryer Jr. credited his talented team of students for designing the district's Web portal, ironically, a high school student in Minnesota contributed to the attacks by adapting and launching a version of Blaster that infected 7,000 machines. He faces a $250,000 fine and up to 10 years in prison. The lessons of worm week should push you to reevaluate your security and priorities. Fighting worms and viruses begins at home.

Web Resources

* Duval County Public Schools

* Microsoft Windows Update

* What You Should Know About the Blaster Worm incident/blast.asp

* Symantec Security Response

Odvard Egil Dyrli is senior editor and emeritus professor of education at the University of Connecticut.
COPYRIGHT 2003 Professional Media Group LLC
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2003, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:The Online Edge
Author:Dyrli, Odvard Egil
Publication:District Administration
Geographic Code:1USA
Date:Nov 1, 2003
Previous Article:New Google tool = more math cheaters?
Next Article:The case for basket weaving: teacher preparation is too important to be discarded.

Related Articles
Computer Parasitology.
Sophos Six-Month Summary Of Virus Activity.
Web worms: Code Red to Warhol.
"Blue code": worm that fights "Code Red" and IIS-servers. (VIRUS NOTES).
Protecting your computers from invaders: antivirus-software powerhouse Symantec offers tips for keeping viruses, worms, and Trojan horses at bay.
Viruses on rise, but are companies liable?
UK tops league of top bot countries.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters