BBC NEWS Americas Africa Europe Middle East South Asia Asia Pacific Arabic Spanish Russian Chinese Welsh

 You are in: Sci/Tech
Front Page 
UK Politics 
Talking Point 
In Depth 

Commonwealth Games 2002

BBC Sport

BBC Weather

Tuesday, 31 July, 2001, 04:02 GMT 05:02 UK
Internet put on Code Red alert
White House website WWW
Code Red has targeted the White House website
The US Government has warned computer users worldwide to protect themselves against a malicious program known as the Code Red worm.

Ronald Dick, head of the FBI's National Infrastructure Protection Centre (NIPC), said worms such as Code Red posed a distinct threat to the internet.

[Code Red is] enough to cause the meltdown of the internet

Russ Cooper
Computer security specialist
The worm, which first surfaced in mid-July, has been mainly dormant since then, although it has already infected hundreds of thousands of systems.

Experts believe it is set to spread again on Tuesday night, just as the calendar enters August at 0000 GMT.

Investigators do not yet know who wrote Code Red or where it started, though the words "Hacked by Chinese" which appear for a few hours on infected machines raise a suspicion that this is another development in an ongoing Chinese-American war of hackers.

The FBI says it is working with experts in the United Kingdom, Australia and Canada to try to contain the worm's spread.

The Code Red program is called a worm because it can spread across networks and infect new machines without computer users having to do anything at all.

Search for source

Law enforcement officials have asked for the public's help in finding those responsible for the worm.

"If individuals have information about the people that have committed this crime, we ask them to come forward," said Mr Dick.

Pentagon AP
The Pentagon had to pull the plug on its public facing sites
Mr Dick also expressed concern that too many computer users thought of their systems as mere appliances, not recognizing that a computer needs "to be constantly monitored and maintained. It functions like a living organism".

He stressed the need for firms running Microsoft Windows NT and 2000 operating systems, along with the Internet Information Services software (IIS), to download Microsoft's security update.

"We should consider it a civic duty to ensure that if you are running IIS software, you have patched it," Mr Dick said.

Click here for links to Microsoft security downloads

Home users running Windows 95, 98 or Me are not vulnerable and machines running non-Microsoft operating systems will also be unaffected.

However, even if your own computer is unaffected, Code Red could seriously disrupt your access to the internet.

It is "enough to cause the meltdown of the Internet," said Russ Cooper of security services company TruSecure Corp.

White House web attack

Earlier this month, the White House changed the net address of its public facing websites following warnings that Code Red had infected many thousands of machines and was about to flood it with bogus data requests.

In Code Red's first search and infect wave that ended on 19 July, the Code Red program is thought to have installed itself on more than 250,000 machines.

Now, the Code Red program is about to launch a search for more machines to infect.

Experts fear the wave of scanning this will unleash could cause problems for net users.

Many anti-virus companies have now issued software that helps system administrators work out if they are vulnerable, and search for and purge the Code Red worm from their machines.

Already two variants of the Code Red worm have been found.

Microsoft patches available at:

Code Red patch information

Windows NT patch

Windows 2000 patch

Click here to return

The BBC's Nick Bryant
"Luckily there is a fix"
Rex Frank, Alvaka Networks, Los Angeles
"This is a wake up call, the next generation could be a lot more destructive"
Graham Clueley, Technology consultant
"It can hack into your website and deface your main page"

Hacked off
Can the Code Red hackers be stopped?
See also:

24 Jul 01 | Americas
Pentagon dodges virus threat
20 Jul 01 | Sci/Tech
White House dodges web virus
10 May 01 | Sci/Tech
Porn virus fizzles out
24 May 01 | Sci/Tech
Web warning centre in net attack
01 May 01 | Sci/Tech
US and Chinese hackers trade blows
11 Feb 00 | UK
A - Z: Hack attack
27 Oct 00 | Sci/Tech
Hacking: A history
Links to more Sci/Tech stories are at the foot of the page.

E-mail this story to a friend

Links to more Sci/Tech stories