Microsoft working with the feds; Virus attacks may be terrorism

WORLD TRIBUNE ^ | 8/21/03 | World Tribune Staff Writer

[Pro-Bush]

Microsoft working with the feds; Virus attacks may be terrorism

Evidence gathered by Microsoft, the FBI, and the Secret Service on the worldwide attacks made against computers running the Windows operating system fits the profile of "terrorist activity."

Industry sources citing Microsoft officials told World Tribune.com that recent attacks against from the "Blaster" worm and its variants, coupled with an email virus called "SoBig-F" show signs of a coordinated attack by an entity wanting to disrupt world commerce. Microsoft is cooperating with both the FBI and the Secret Service and will report their findings in the next few days.

While at present no terrorist organizations have claimed responsibility for these attacks in cyberspace, Microsoft is an obvious target for terrorists as the largest, most recognizable, and most profitable software company in the world.

The Blaster worm exploits a flaw in the Remote Procedure Call (RPC) component used by Microsoft Windows, the operating system installed on an estimated 90 percent of all home and corporate desktop computers worldwide.

A patch was made available free of charge by Microsoft in July 2003, but few home or corporate users downloaded the fix. The Blaster worm seeks out any Internet-enabled Windows computer without the fix, installs malicious code that takes control of the computer, and beings attacking a Microsoft corporate Web site used to distribute software fixes to Windows users. SoBig-F is a rehash of a virus first spread by hackers in January 2003. The "F" strain clogs e-mail systems full of messages with subjects like "Re: Details" and "Re: Wicked screensaver," and then installs a "Trojan horse" program that is used to spit out thousands of copies of the virus from the victims' computers.

Microsoft officials said the company is working proactively to halt the spread of the Blaster and SoBig attacks by encouraging Windows users to regularly update their computers using the free Windows Update feature in Windows 2000, XP, and Server 2003.

Late Wednesday afternoon, Microsoft posted two "critical updates" to Windows Update that fixed flaws in their Internet Explorer Web browser and a collection of common Windows operating system components that would "allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions, including executing code." Sources inside Microsoft say that up to three more of these critical updates will be released in the next few days to coincide with the Blaster and SoBig-F investigation.

[milan]

enviro-socialist-linux-open-source nutballs

Can I use that?

[Robert_Paulson2]

Have you ever had a failed boot on Linux or Unix?

no not for three years.... but hey, I almost never have to "reboot" unless I am adding a new video card or something.

last time it was so long between reboots, I had to lookup my year old password, I had forgotten it...

[Gorzaloon]

The blue screen of death is success?

What's that, something like a bomb icon?

[lelio]

ISPs could do a lot to confront this by blocking outgoing SMTP and NetBios attempts. Force users to send email through their own servers unless they have some sort of agreement otherwise. Don't allow incoming Windows file sharing requests.

Just doing those two things will stop 90% of the viruses out there.

[milan]

You are right, but answer me this: Can you take your average Windows user and let them loose on Linux?

[MarkL]

Have you ever had a failed boot on Linux or Unix? Try solving those. A blue screen is a welcome crash. Figure out a Unix SCSI boot problem then come complain about a blue screen. Windows is easy.

"Double Panic!"

Fun stuff!

Mark

[Gorzaloon]

Is the reason Macs seem less vulnerable to viruses that there are fewer of Macs used, or is it that the OS system is more resistant to attacks? I have always wondered about that.

They are less vulnerable to worms and viruses for exactly the same reason no one could steal my Studebaker with a key.

[jacquej]

That doesn't help me much, lol! I dunno about Studebakers and keys...

[Lael]

I'm waiting for the next SoBig variant that scans your hard drive and then emails out images it finds under "My Pictures" Dang could that be embarassing.

Actually, the 'payload' could include a variation of Norton Utilities [tm] Undelete function and a search for deleted JPEGS prior to the E-Mail out function.

Whether or not there is pornography, just the use of all that bandwidth for images would take the Internet down.

Since I am not in the Virus writing club, if I could think of it, I'll bet someone is working on it if not already done.

Symantec maintains a vast encyclopedia of viruses. Very, very few make it "into the WILD."

Figuring out a method of distribution that is 'overwhelming' seems to be the thing that stops most viruses.

[joanil]

So, by your reasoning MS is success?

Ooops, time to reload windows again.
My Microsoft OS 95/98/2k (add as needed) has become inoperational again....................

Gee , now is fun.
All my desktop stuff is vanished
Golly, lets load windows again,
surely our programs are safe now............

Oh my, it crashed again...............
can anyone save my valuable data?!?

Sorry, you did choose MS as your vendor did you not????
If so.............. Reload Disk./>

[COBOL2Java]

It's probably some bored geek kids with WAY too much time on their hands. Of course, they should be shot when caught. There is no excuse for this kind of vandalism.

No don't shoot 'em. Just let me and my TechArc buddies spend 10 minutes with them. I'll bring my aluminum bat, and my friend will bring his rubber hose. I just got home from another 14-hour day getting their $%^#*& stuff out of our servers.

[LibKill]

No don't shoot 'em. Just let me and my TechArc buddies spend 10 minutes with them. I'll bring my aluminum bat, and my friend will bring his rubber hose. I just got home from another 14-hour day getting their $%^#*& stuff out of our servers.

You are severe!

Just kidding. Where I work we have two graduate computer-master students who spend most of their time keeping ---- like this out of our system.

Can I execute the hackers after you beat the Shi'ite out of them? :)

[joanil]

There are fewer macs.
Therefore, less mac attacks.

[Graybeard58]

"The idea of having executables attached to email in Outlook and Outlook Express is downright stupid. MS could have cleared much of their vunerability if they didn't want to leave "hooks" in their applications".

BINGO!

[MattAMiller]

Usually when one of these viri (See? I'm edumacated) comes around I might get one or two in my inbox. But this time I've gotten about a dozen. That sucker's virulent.

[Dubya]

bump

[headsonpikes]

Your post #20 confirms what my computer-savvy friends tell me, with a lot of feeling!

LOL!

[NCjim]

A lot of the holes are also sloppy programming, i.e. input data is allowed to overrun the buffer into which it is being read. Programming 101 says that you do bounds checking on input to prevent overrun. Sloppy programming can occur when code is written too carelessly or when quality does not matter since there is no competition.

[joanil]

Windows 95/98/2k, etc.
Heh, as if it needed a reason to crash..............
Welcome to MS crash (trash)can alley...

[Mannaggia l'America]

I had over 118 sobig spams in my email this morning.

You are lucky - I had over 3,000 this morning, all since yesterday evening. That's not counting how many I had since it all started - that's just between about 10 PM EST and 7:30 AM EST.

My e-mail server is on a Unix system, so I have procmail filtering all of them out, so it is not clogging me up too much.