Just as this column was expounding on the virtues of protective firewalls, whether they be of the hardware or software variety, hackers pulled off another coup proving once again that security, where the Internet is concerned, is a relative term.
Two highly contagious worm viruses made the news last week, inconveniencing millions by causing temporary shutdowns around the world. Neither worm will cause any permanent damage to Web servers, but thats hardly the biggest worry. As long as the Internet is at the mercy of the mischievous, the online world will never be safe.
Right now these invasions are a little like someone breaking into the Louvre to look at the pictures. Its only a matter of time, however, before thieves take something important or some psychotic torches the place.
A worm virus known as "Code Red" either affected or shut down over 225,000 Web servers and network systems around the world. A number of servers hosting Whistler sites were briefly affected, including the server for Pique NewsMagazines own site.
While most of these Code Red worm attacks were generally mindless, the person who wrote the code had a specific target in mind the White House. The White House site was back up and running in no time but with a few alterations it took a little longer to catch while the worm was tying up the system it appears that a hacker actually managed to get into Whitehouse.org and alter President George W. Bushs inaugural address.
Here are a few highlights of the revised speech, in case you missed out:
"As I begin, I thank President Clinton for his service to our nation and our interns And I thank Vice President Gore for a contest conducted with great woodenness and concluded so inconclusively. I am honored and humbled to stand here, where so many of Americas leaders have come before me, and where so many Bushes will follow. Its hard to believe that two short weeks ago I couldnt even spell Washington.
"We have a place, all of us, in a long story a story like my pappy once told me, where a walrus and a carpenter set out to find some oysters. Im sorry, I got distracted. Is anyone else here hungry? A guy gets appointed head of the free world and he cant even get an appetizer at his own coronation. Stop kicking me Oh yeah, the story.
"It is the American story a story of flawed and fallible people, united across the generations by grand and enduring ideals. I think. Maybe thats grand and ensuring. This aint a very good story, is it?"
Code Red destroyed and deleted some files as it jumped from place to place via the Internet, but for the most part it slowed system performance and created system instability. An analysis of the worm found that the infected computers were programmed to hit the White House computers on Thursday evening with a denial of service attack essentially sending hundreds of thousands of messages to Whitehouse.org simultaneously to overwhelm the server.
Security analysts had been aware that Code Red existed weeks before the attack, but were unable to get ahead of it. CERT (www.cert.org), a kind of clearinghouse for hack attacks offering fixes and virus patches, had a solution available. Most of the affected servers were back up and running by the end of the day with the help of CERT and other virus protection services. Code Red only affected Web servers with the IIS Microsoft Windows configuration.
The second worm is called "Sircam," and if its not in your e-mail inbox already its probably on its way. Like a lot of the more troublesome worm viruses out there, Sircam propagates itself via email, using Microsoft Outlook Express or another e-mail application to send itself to everyone in your address book.
The person on the receiving end gets an e-mail from a friend or an associate and opens the email and the attachment. Once the attachment is opened, Sircam sends itself to everyone in his or her address book, and so on and so on. What makes Sircam hard to protect against is the fact that it uses randomly selected subject lines and messages, like "I send you this file in order to have your advice" and "See you later! Thanks".
This wouldnt be so bad except that Sircam isnt content to procreate it likes to recreate as well, potentially embarrassing affected persons.
While its in your computer, Sircam scans your "My Documents" folder and sends a few files with the ".doc" and ".jpg" extensions along to everybody in your address book. Thats not good if its proprietary business information, a sonnet you wrote to your intern, or a naked picture of your best friends wife.
Tips on removing Sircam from an infected computer are available on most anti virus Web sites.
While most viruses are easily intercepted and the public usually has some kind of warning, worm viruses are a little different in that they can wait, hide, and find their way into almost any system providing you let them.
Its not enough to respond to worm and virus alerts. Keeping your server and your inaugural speech safe means keeping up to date on all the latest viruses, worms, or other unwelcome invasions. You snooze, you lose.
www.cert.org Carnegie Mellon Software Engineering Institute
www.eeye.com eEye Digital Security
www.zdnet.com Computer newswire
www.microsoft.com/technet/ Microsofts virus and security centre for Office and Windows software.
www.apple.com/support/security/ Apples virus and security centre for proprietary and Apple OS platforms.