Microsoft working with the feds; Virus attacks may be terrorism

WORLD TRIBUNE ^ | 8/21/03 | World Tribune Staff Writer

[Pro-Bush]

Microsoft working with the feds; Virus attacks may be terrorism

Evidence gathered by Microsoft, the FBI, and the Secret Service on the worldwide attacks made against computers running the Windows operating system fits the profile of "terrorist activity."

Industry sources citing Microsoft officials told World Tribune.com that recent attacks against from the "Blaster" worm and its variants, coupled with an email virus called "SoBig-F" show signs of a coordinated attack by an entity wanting to disrupt world commerce. Microsoft is cooperating with both the FBI and the Secret Service and will report their findings in the next few days.

While at present no terrorist organizations have claimed responsibility for these attacks in cyberspace, Microsoft is an obvious target for terrorists as the largest, most recognizable, and most profitable software company in the world.

The Blaster worm exploits a flaw in the Remote Procedure Call (RPC) component used by Microsoft Windows, the operating system installed on an estimated 90 percent of all home and corporate desktop computers worldwide.

A patch was made available free of charge by Microsoft in July 2003, but few home or corporate users downloaded the fix. The Blaster worm seeks out any Internet-enabled Windows computer without the fix, installs malicious code that takes control of the computer, and beings attacking a Microsoft corporate Web site used to distribute software fixes to Windows users. SoBig-F is a rehash of a virus first spread by hackers in January 2003. The "F" strain clogs e-mail systems full of messages with subjects like "Re: Details" and "Re: Wicked screensaver," and then installs a "Trojan horse" program that is used to spit out thousands of copies of the virus from the victims' computers.

Microsoft officials said the company is working proactively to halt the spread of the Blaster and SoBig attacks by encouraging Windows users to regularly update their computers using the free Windows Update feature in Windows 2000, XP, and Server 2003.

Late Wednesday afternoon, Microsoft posted two "critical updates" to Windows Update that fixed flaws in their Internet Explorer Web browser and a collection of common Windows operating system components that would "allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions, including executing code." Sources inside Microsoft say that up to three more of these critical updates will be released in the next few days to coincide with the Blaster and SoBig-F investigation.

[lelio]

Hrmmm.... Howard Dean is a big time blogger. Makes one wonder. If I see him with a can of Jolt Cola I reckon its him.

I'm waiting for the next SoBig variant that scans your hard drive and then emails out images it finds under "My Pictures" Dang could that be embarassing.

[ninenot]

APparently not, because this AM's reports on the virus indicated that it ALSO masks the sender address.

Interestingly, I got a virus from what appeared to be a Microsoft email to me--about 60 days ago. The virus was not at that time defined by Norton--but it was about 3 days later. The message was 'Response to your Question.'

Didn't cause any problems for me, except the box got a little slower--just a little--and on my regular Norton update day, after the download and scan, it told me I had a virus.

Cleaned up, no problem since. I think.

[Pro-Bush]

Has anyone investigated whether Nancy Pelosi knows how to create viruses?

I don't think so, but I believe Barbara Boxer can.

[milan]

I'm waiting for the next SoBig variant that scans your hard drive and then emails out images it finds under "My Pictures" Dang could that be embarassing.

With as many pictures as I have, it might bring the internet down... ;)

[Pro-Bush]

Tell me how you REALLY feel about Microsoft...</sarcasm

[knews_hound]

We think alike.

Cheers,

knews hound

[Malsua]

>>Hate to burst your petri dish, but if MSFT ceased to exist tomorrow, the Linux, or the replacement would be the next target. <<

Yup. Linux is still a target.

Wanna do an experiment? Get a REDHAT 6.anything version. Secure it but use it like a real server with an Open FTP port and a few other services.

It will be comprimised and rooted in a few days or less.

I kept up with patches, kept my linux box as current as I knew...then I got a call from my ISP that said my IP was port scanning any number of financial houses.

I unplugged it and found a hacker's toolchest buried deep in the man pages. Complete with updated PS, Grep, and a number of other tools that hid the activity. The wank had both ethernet interfaces in promiscuous mode all the time and had logs of all the activity. Thank god for HTTPS.

I unplugged it and bought a cheap hardware solution for my at home NAT needs. Just take a look at all the patches out there to fill security holes on 'nix boxes. It's as many as any Windows system.

-Mal

[jude24]

I've gotten over a hundred today, as well.

Thankfully, my ISP virus-scans my email, and I also have Norton Antivirus and ZoneAlarm installed on both my computers. But most people dont bother with what I have done.

[milan]

You said it all. Linux and Unix are as suceptible as Microsoft. You just don't hear about it as much.

The Microsoft attacks are in line with "well, Honda Civics are the most widely stolen vehicles on the planet...we should sue Honda! Can't they do something to keep the thieves from stealing them." The whole time the thieves are stealing them; not because they are easy to steal, but becuase their numbers are greater and they are easier targets becuase of their commonality.

[rivercat]

Who would want to halt world commerce?

Well, aside from Al Qaida, how about the Linux open-source crowd? :)

[MizSterious]

Makes ya go "hmmmmm...."

[milan]

Well, aside from Al Qaida, how about the Linux open-source crowd? :)

Should have left the smiley off the sentence...you are probably more correct than the FBI.

[ex-Texan]

*BUMP* !

[lelio]

But most people dont bother with what I have done.

And that's what kills me about this: those of us that lock our doors are having to fend of a million zombie burglars as some people are just plain lazy.

If it just mucked up their own computer and spews their own personal information then I wouldn't mind. Heck I would laugh at seeing a copy of someone's nekkid picture that they kept under My Pictures.

Is "Kim Commando" the PC call in lady still on the radio? Perhaps if you've been a SoBig spreader you should be forced to go to a Boot Camp at your expense.

[snooker]

The terrorists put the holes in crappy windoze then exploited them to disrupt the economy.

I knew it wasn't the software designers fault or duty to build a decent secure product.

[Robert_Paulson2]

fight terrorism...
download linux or another unix distro that does not have the "come and kill me" entrances for computer viruses.

macs work nicely.. but osx is a unix.

[jacquej]

Is the reason Macs seem less vulnerable to viruses that there are fewer of Macs used, or is it that the OS system is more resistant to attacks?

I have always wondered about that.

[rivercat]

You're right. I work with a bunch of enviro-socialist-linux-open-source nutballs that would like nothing more than to see corporate America brought to its knees.

[jude24]

Maybe ISP's ought to start requiring that you buy an antivirus and a firewall to get internet access. It would certainly make their job easier.

[milan]

macs work nicely.. but osx is a unix.

As much as I defend Microsoft, I will say this: the only software package I can get to crash on OS X in my office...is MS office X. Kinda funny.