Lawsuits to Follow Internet Crash

The Korea Times ^ | January 27, 2003 | Na Jeong-ju

[HAL9000]

Internet cafes, online shopping malls and other Web-related businesses will likely take legal action as a result of their losses incurred by the virus-like worm which shut down millions of Web-based businesses over the weekend, industry sources said yesterday.

It is not yet clear how and when they will take the steps, but officials from the Ministry of Information and Communication (MIC) said they have received messages that the businesses will form an alliance for a lawsuit against the ministry and major Internet service providers.

``Meetings have been organized by senior officials to discuss and how to deal with the matter,'' Lee Jang-sik, an MIC official, said.

Each Internet shopping mall is believed to have suffered billions of won in losses due to the crippling of Internet service just days before the Lunar New Year holiday, when they normally post the biggest sales. Seats at thousands of Internet cafes nationwide were almost vacant as servers broke down over the weekend.

Some ministry officials say it is not proper for the businesses to take legal action because the problem originated from a worm virus released by unidentified hackers.

But experts say Internet service providers could have prevented the shutdown if they had previously installed a security patch, released six months ago by the U.S. software giant Microsoft on its Internet homepage, to protect vulnerable computers.

A warning was posted prior to the breakdown on the MIC homepage, but it was too late for users to take countermeasures, computer experts said.

As of yesterday afternoon, administrators were still unable to contact Microsoft over the Internet, preventing them from downloading the crucial software patch.

``Debate will be focused on whether the shutdown was beyond human control or the outcome of negligence on the part of Internet service providers,'' said Choi Yong-sok, a lawyer in Seoul. If filed, the suits will depend on whether or not the service providers and relevant government authorities took appropriate measures to prevent worm viruses from penetrating the database control systems, he said.

[HAL9000]

Some ministry officials say it is not proper for the businesses to take legal action because the problem originated from a worm virus released by unidentified hackers.

No, the problem originated when Microsoft shipped thousands of commercially defective SQL Servers with a gaping security hole, then failed to effectively remedy the problem.

[ThinkingMan]

Maybe they should sue Al Gore?

[rivercat]

failed to effectively remedy the problem.

I love you ABM-types. You sound like the Dims attacking the pubbies. In any case, they released a fix for this issue 6+ months ago. If the ISPs were too lazy to install the patches, then they had it coming.

[BearCub]

No, the problem originated when Microsoft shipped thousands of commercially defective SQL Servers with a gaping security hole, then failed to effectively remedy the problem.

You are completely full of sh!t.

Microsoft addressed this in a security patch released in JULY, 2002.

[Lee Heggy]

I completely agree. They also should have been using lineux or Macs. I use several different platforms and the one I dislike the most is Windows. I use it and will probably always have to unfortunately.

[xrp]

Hey Mr Perfect, show me a piece of software that is bug free and you'll have shown me the impossible.

In this case, the problem resides with either irressponsible administrators or restrictive controls set in place in companies and corporations.

UNIX variants are just as full of bugs and holes as Microsoft. You just don't hear 'the establishment' complaining about it.

[rivercat]

Linux and Macs... They're kind of a retro "pop-culture" thing. You know, trendy. Like yoga, sandals, granola, not bathing regularly, wearing one of those stupid little goatees, and attending anti-america rallies. But it's so cool.

The problem is that Win XP is much more user-friendly and stable than either of these.

[jpl]

The only way to really solve this problem (and many other problems with the World Wide Web) is to lock out all net traffic originating from China, South Korea, and some other far eastern countries.

[Salgak]

While XP, and 2000, IS quite stable, I find that a monthly re-boot does wonders for performance. Whereas I know of Unix and Linux boxes that have had uptimes measured in YEARS: one friend of mine had to reboot his only because he had to power down to physically move the box to a new location. . .it had been running, without reboot, for 3 1/2 years as a webserver. . . .

[Blood of Tyrants]

No, the problem is with lazy IT people who fail to properly check for security updates and then implement them.

[HAL9000]

You are completely full of sh!t.

You are in denial. If Microsoft had effectively remedied the problem, the Internet would not have gotten hammered last weekend.

There are three parties at fault -

* Microsoft, for distributing commercially defective software with a security hole that was easily exploitable for malicious purposes and failing to get the flaw removed from least 200,000 MSSQL servers.

* The Microsoft customers who failed to apply the patch.

* The hacker who wrote and distributed the worm.

If any one of those elements had not been present, the worm would not have spread. Don't try to dodge Microsoft's share of responsibility for the problem - they created the security hole in the first place.

MSSQL customers lack recourse against Microsoft due to the EULA, but there are millions of innocent third-parties who were damaged by Microsoft's failure to effectively correct the security hole. Those third-parties have an excellent case against Microsoft.

[Stentor]

Microsoft addressed this in a security patch released in JULY, 2002.

What was the number of the beta they released? Hint. Go for the deep pockets.

[MrCraig]

The only way to really solve this problem (and many other problems with the World Wide Web) is to lock out all net traffic originating from China, South Korea, and some other far eastern countries.

How True ! I recently represented a company trying to stop a email impersonation attack. It took months to get the orginating China ISP to acknowledge the problem and to delete the account. Costing my client $thousands in the process.

[Salgak]

And the hundreds of colleges that were hit by the internet worm in 1988 should sue U.C. Berkeley ? After all, they shipped BSD Unix with security holes!

Reality check: Microsoft found the hole, issued the patch, and announced the patch. It was on my servers the day after I got 3 separate security notices on the patch: one from MS, one from CERT, and one from another security site which has since been eaten by another company (packetstorm).

There is NO SUCH THING as a totally secure OS and a totally secured network-attached computer. You can only manage the risk by proper use of patches, firewalls, etc.

The blame here goes to poorly-trained or incompetent Windows sysadmins who used default installations and failed to harden their systems against outside threats.

The hacker or hackers are also to blame. But Microsoft acted in a proactive fashion, 6+ months ago, by identifying the vulnerability, developing a fix, and putting the fix out for anyone to download and install. . .

[BearCub]

You are in denial. If Microsoft had effectively remedied the problem, the Internet would not have gotten hammered last weekend.

There are three parties at fault -

* Microsoft, for distributing commercially defective software with a security hole that was easily exploitable for malicious purposes and failing to get the flaw removed from least 200,000 MSSQL servers.

* The Microsoft customers who failed to apply the patch.

* The hacker who wrote and distributed the worm.

If any one of those elements had not been present, the worm would not have spread. Don't try to dodge Microsoft's share of responsibility for the problem - they created the security hole in the first place.

Following your logic, it would be reasonable to argue that if had MS never written SQL Server in the first place then it wouldn't have happened either.

All software ships with bugs. Don't single MS out for this one. As soon as they knew of the problem they posted a patch. Any SQL Admin who has a clue subscribes to the MS security bulletin e-mailings & would have received timely notice ('timely' as in 'last summer'). They can't force anyone to (1) pay attention or (2) apply the patch when it becomes available.

The fault for this rests squarely on the shoulders of (1) the asshole(s) who wrote the worm and (2) on the clueless SQL Admins who ignored the bulletin or failed to see it in the first place.

[BearCub]

What was the number of the beta they released? Hint. Go for the deep pockets.

Huh?

[The FRugitive]

Blame Microsoft First! :p

[Mr_Magoo]

Now, I hate Micro$lop bloatware as much or more than most. That said, in this case I think one of the LARGE factors in this hitting asia as hard as it did is the high # of pirate copies that they could not get patches for.

[BearCub]

Subscriptions for the Microsoft Security Notification Service

To subscribe to the Microsoft Security Notification Service, please visit the Microsoft Profile Center at http://register.microsoft.com/regsys/pic.asp

To unsubscribe to the Microsoft Security Notification Service, please visit the Microsoft Profile Center at http://register.microsoft.com/regsys/pic.asp

This is a free e-mail notification service that Microsoft uses to send information to subscribers about the security of Microsoft products.

The goal of this service is to provide accurate information to our customers that they can use to inform and protect themselves from malicious attacks. Our security team investigates issues reported directly to Microsoft, as well as issues discussed in certain popular security newsgroups. When we publish bulletins, they'll contain information on what the issue is, what products it affects-if any, how to protect yourself against, what we plan to do to fix the problem, and links to other sources of information on the issue.

This service supplements our existing security reporting procedures. You can continue to read security bulletins and other information about Microsoft product security on http://www.microsoft.com/technet/security.

Problems with your Subscription to the Microsoft Security Notification Service

If you have any problems subscribing, unsubscribing or receiving the security notifications, please send an email describing your issue to http://www.microsoft.com/technet/siteguide/write-us.asp.

Verifying our Digital Signature

We digitally sign all security bulletins. To verify the signature, please download our PGP key here. The key's fingerprint is
5E39 0633 D6B3 9788 F776 D980 AB7A 9432.

Web subscribe or unsubscribe to the Microsoft Security Notification Service requires a Microsoft Passport.
If you do not wish to use Microsoft Passport, you can subscribe or unsubscribe to the Microsoft Security Notification Service via a Web form as described below:

Other Ways To Subscribe Or Unsubscribe To The Microsoft Security Notification Service

Visit the Microsoft Security Notification Web form at: http://register.microsoft.com/subscription/subscribeme.asp?ID=135.

To unsubscribe to the Microsoft Security Notification Service, reply to a Microsoft Security Notification email with the word "unsubscribe" in the subject line

[BearCub]

Now, I hate Micro$lop bloatware as much or more than most. That said, in this case I think one of the LARGE factors in this hitting asia as hard as it did is the high # of pirate copies that they could not get patches for.

One of the nice things about MS support is that anyone can download patches, whether they have registered software or not.