Microsoft working with the feds; Virus attacks may be terrorism

WORLD TRIBUNE ^ | 8/21/03 | World Tribune Staff Writer

[Pro-Bush]

Microsoft working with the feds; Virus attacks may be terrorism

Evidence gathered by Microsoft, the FBI, and the Secret Service on the worldwide attacks made against computers running the Windows operating system fits the profile of "terrorist activity."

Industry sources citing Microsoft officials told World Tribune.com that recent attacks against from the "Blaster" worm and its variants, coupled with an email virus called "SoBig-F" show signs of a coordinated attack by an entity wanting to disrupt world commerce. Microsoft is cooperating with both the FBI and the Secret Service and will report their findings in the next few days.

While at present no terrorist organizations have claimed responsibility for these attacks in cyberspace, Microsoft is an obvious target for terrorists as the largest, most recognizable, and most profitable software company in the world.

The Blaster worm exploits a flaw in the Remote Procedure Call (RPC) component used by Microsoft Windows, the operating system installed on an estimated 90 percent of all home and corporate desktop computers worldwide.

A patch was made available free of charge by Microsoft in July 2003, but few home or corporate users downloaded the fix. The Blaster worm seeks out any Internet-enabled Windows computer without the fix, installs malicious code that takes control of the computer, and beings attacking a Microsoft corporate Web site used to distribute software fixes to Windows users. SoBig-F is a rehash of a virus first spread by hackers in January 2003. The "F" strain clogs e-mail systems full of messages with subjects like "Re: Details" and "Re: Wicked screensaver," and then installs a "Trojan horse" program that is used to spit out thousands of copies of the virus from the victims' computers.

Microsoft officials said the company is working proactively to halt the spread of the Blaster and SoBig attacks by encouraging Windows users to regularly update their computers using the free Windows Update feature in Windows 2000, XP, and Server 2003.

Late Wednesday afternoon, Microsoft posted two "critical updates" to Windows Update that fixed flaws in their Internet Explorer Web browser and a collection of common Windows operating system components that would "allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions, including executing code." Sources inside Microsoft say that up to three more of these critical updates will be released in the next few days to coincide with the Blaster and SoBig-F investigation.

[Pro-Bush]

Hmmm. This could get interesting. Who would want to halt world commerce?

[lelio]

show signs of a coordinated attack by an entity wanting to disrupt world commerce

Its disrupting world commerce alright, Microsoft's share of it. People should wake up and realize that MSFT is the world's biggest virus petri dish maker.

[milan]

People should wake up and realize that MSFT is the world's biggest virus petri dish maker.

I work in IT and I love the absolute ignorance of these comments. If Linux was on top, the virus/worm activity would be directed at them. This is the typical "success should be punished" mentality that the Democrats display.

[Pro-Bush]

c'mon you can't blame microsoft for this one...They are the biggest Gorilla out there, it is obvious that any hacker would attack the Windows OS platform to acheive maximum damage.

[Peace will be here soon]

Maybe it is the wake-up call everyone needs. If more people and companies would pay closer attention to protecting their systems, this kind of stuff wouldn`t happen for the most part.

[LibKill]

It's probably some bored geek kids with WAY too much time on their hands. Of course, they should be shot when caught. There is no excuse for this kind of vandalism.

[RWG]

This is the typical "success should be punished" mentality that the Democrats display.

The blue screen of death is success?

[goodseedhomeschool (returned)]

Terrorists was my first thoughts on this. I had over 118 sobig spams in my email this morning. Clogged everything. It really makes you stop and think about some very important computer systems and how it would effect those. Shuddering here....

[lelio]

I work in IT and I love the absolute ignorance of these comments.

You can think what you want about MS being the biggest so that it is the biggest target, but that's like saying as GM's the largest car maker it can have the most defects as people are looking for them.

And is that supposed to make me feel any better the next time a virus like this comes out? And it will in another 6 months to a year, and probably after MS says "No way will this ever happen again."

[milan]

If more people and companies would pay closer attention to protecting their systems, this kind of stuff wouldn`t happen for the most part.

You're right. Microsoft is very good about releasing patches and making it easy to install. For that matter, RedHat and Mandrake are also very good about ease of updates. "What's that he said; RedHat needs updates?!?" < / sarcasm>

99% of virus problems are from people too lazy or uninformed about updates and virus protection.

[milan]

And is that supposed to make me feel any better the next time a virus like this comes out? And it will in another 6 months to a year, and probably after MS says "No way will this ever happen again."

Then use Linux and shut up!

[TomGuy]

Hate to burst your petri dish, but if MSFT ceased to exist tomorrow, the Linux, or the replacement would be the next target.

Whenever any other platform becomes a significant platform, then it will become susceptible to cyberattacks.

[milan]

I haven't had a virus in years...apparently you had. Where's the problem? The OS or the user?

[lelio]

The blue screen of death is success?

Well it is ... it means another system won't be sending me a "Wicked screensaver" or a notice about a movie I should see.

Hrmmm ... I wonder if I could configure my firewall so that if I notice an incoming SoBig email I'll nmap their IP address and see if I can send them a winpopup message that says "Patch your machine, dork"

[Dog Gone]

Who would want to halt world commerce?

Has anyone investigated whether Nancy Pelosi knows how to create viruses?

[Pro-Bush]

Maybe it is the wake-up call everyone needs. If more people and companies would pay closer attention to protecting their systems, this kind of stuff wouldn`t happen for the most part.

Symantec & Network Associates (McAfee) are making some big bucks this quarter. Those companies will be the next sweethearts on wall street.

[milan]

The blue screen of death is success?

Most blue screens happen when windows is booting and it usually gives a decent error message.

Have you ever had a failed boot on Linux or Unix? Try solving those. A blue screen is a welcome crash. Figure out a Unix SCSI boot problem then come complain about a blue screen. Windows is easy.

[milan]

Hrmmm ... I wonder if I could configure my firewall so that if I notice an incoming SoBig email I'll nmap their IP address and see if I can send them a winpopup message that says "Patch your machine, dork"

Considering the conversation, I don't think you could do this.

[Pro-Bush]

Terrorists was my first thoughts on this.

I am still in that camp

[glorgau]

And it wasn't terrorism before 9/11?

MS operating systems are hit by the most viri because they are the easiest thing to hit. The technical sophistication of the latest MSBlaster virus was childish. The idea of having executables attached to email in Outlook and Outlook Express is downright stupid. MS could have cleared much of their vunerability if they didn't want to leave "hooks" in their applications. The "hooks" are their so they can screw over any possible competitors. this is well documented behavior since the DR-DOS, Lotus 1-2-3 days. To say that this is "terrorism" is nothing more than the opportunistic ramblings of some marketing droid. Can we all say FUD?

< rant >
It is just pathetic what most moron users will accept in the computing world. People work with the melange that is a Microsoft operating system and think that is the way the world must be.
< /rant >