Microsoft working with the feds; Virus attacks may be terrorism

WORLD TRIBUNE ^ | 8/21/03 | World Tribune Staff Writer

[Pro-Bush]

Microsoft working with the feds; Virus attacks may be terrorism

Evidence gathered by Microsoft, the FBI, and the Secret Service on the worldwide attacks made against computers running the Windows operating system fits the profile of "terrorist activity."

Industry sources citing Microsoft officials told World Tribune.com that recent attacks against from the "Blaster" worm and its variants, coupled with an email virus called "SoBig-F" show signs of a coordinated attack by an entity wanting to disrupt world commerce. Microsoft is cooperating with both the FBI and the Secret Service and will report their findings in the next few days.

While at present no terrorist organizations have claimed responsibility for these attacks in cyberspace, Microsoft is an obvious target for terrorists as the largest, most recognizable, and most profitable software company in the world.

The Blaster worm exploits a flaw in the Remote Procedure Call (RPC) component used by Microsoft Windows, the operating system installed on an estimated 90 percent of all home and corporate desktop computers worldwide.

A patch was made available free of charge by Microsoft in July 2003, but few home or corporate users downloaded the fix. The Blaster worm seeks out any Internet-enabled Windows computer without the fix, installs malicious code that takes control of the computer, and beings attacking a Microsoft corporate Web site used to distribute software fixes to Windows users. SoBig-F is a rehash of a virus first spread by hackers in January 2003. The "F" strain clogs e-mail systems full of messages with subjects like "Re: Details" and "Re: Wicked screensaver," and then installs a "Trojan horse" program that is used to spit out thousands of copies of the virus from the victims' computers.

Microsoft officials said the company is working proactively to halt the spread of the Blaster and SoBig attacks by encouraging Windows users to regularly update their computers using the free Windows Update feature in Windows 2000, XP, and Server 2003.

Late Wednesday afternoon, Microsoft posted two "critical updates" to Windows Update that fixed flaws in their Internet Explorer Web browser and a collection of common Windows operating system components that would "allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions, including executing code." Sources inside Microsoft say that up to three more of these critical updates will be released in the next few days to coincide with the Blaster and SoBig-F investigation.

[milan]

Again please...in English this time.

[TheBattman]

Microsoft working with the feds; Virus attacks may be terrorism

Or it could just be that Windows code is just so easy and full of loopholes that it makes for a convenient target.....Especially when you consider that people have been writing viruses and worms for many years - long before our concerns turned to much towards terrorism.

The fact of the matter is, you write an OS with lots of wide open back doors and screwy code, and someone will find a way to exploit that hole...

[joanil]

Nope, I judge not the winter wheat supply, or any USA grain supply for that matter.
I only post what I see in the local big grocer stores.
Their prices speak for themselves.

Do you buy any groceries or do you just pass judgement on your takeout deliveries?!?

[joanil]

MacAfee is the name.
Killing the virus is our game.
Firewall protects against all the same
MacAfee is the name!!!

[sigSEGV]

I hear this comment every day. You do realize how many Linux machines are out there on the Internet don't you? Quite a few. You're on one right now. What you don't seem to understand is that there is a philosophical difference between the two. One sees security as being more important than bells and whistles and the other is the opposite.

[livius]

Oddly enough, I had something snooping around trying to get a trojan into my system a couple of days ago. It was nabbed by Norton Firewall, and just for the heck of it, I checked the IP address and its geographical location: it was from Dubai, United Arab Emirates. This, of course, could simply have been something being relayed from a computer in Dubai without the owner's knowledge, but it did strike me as a little strange.

[Gabrielle Reilly]

Thanks. Indeed.

[Gorzaloon]

That doesn't help me much, lol! I dunno about Studebakers and keys...

Just being funny. Haven't seen many Studebakers lately, have we? Bad People go after popular stuff. They steal Cadillac SUV's and other popular cars, not obscure or extinct things. They do not write viruses to infect Commodore 64's, they are going to write them for the masses, not hobbyists or cultists, because a certain critical mass is needed for them to grow and propegate. And let me be the first to admit, they need a high population of users who are too dumb to run a firewall or an antivirus program.

[joanil]

Hunh? I layed it all out in 'english'.
Whats the prompt problem?>>>>
You want it in 'Cobol'
What do you want???

Splain!!!

[NCjim]

I, personally, would like to see it in APL.

[drjoe]

ISPs could do a lot to confront this by blocking outgoing SMTP and NetBios attempts. Force users to send email through their own servers unless they have some sort of agreement otherwise. Don't allow incoming Windows file sharing requests.

Just doing those two things will stop 90% of the viruses out there


Hey I got an even better idea. Shut down your confuser. No confuser - no virus,

[joanil]

Ohhh, Virulent viri's indeed!

[FlyVet]

99% of virus problems are from people too lazy or uninformed about updates and virus protection.

I agree with you. There's always a chance you could get a virus that hasn't been yet discovered by your antivirus software, but it hasn't happened to me. The only time I ever got viruses was when I forgot to turn my auto-protect back on after a software load. I keep my Zone Alarm, IE, and antivirus programs all set to ping for updates daily. Most anyone I've known who've had viruses crash their machine had no clue about auto-update. And I'm talking a lot of smart people who just didn't bother to think about such things.

[joanil]

You got it here and now;
Explain your quest to us all somehow.

[NCjim]

APL = A Programming Language, by Iverson. It has the unique property that any program can be condensed to a single line of code. Only readable by the hardest-core geeks...

[joanil]

Ash bat is better.
Hits harder,
Just connect bat to ball,
Problem solved.

[joanil]

If that is so.............
Into the geek world we must make it so,
Into the APL we must now go!

[joanil]

Lets bring out the Mighty Tesla Coil and fry them all!
Burning Man outpost anyone????

[harmony]

Survival of the fittest: Two genera, two strategies.

The MS genera maximises its relative fitness with a strategy of aggression: attempting to minimise the fitness of its competitors. It pays with low phenotypic plasticity, and low innovation.

The Linux genera maximises its relative fitness with a strategy of resilience: maximising its phenotypic plasticity (open source) and hence responsiveness to environmental perturbations. It pays with lower dominance.

The "enviro-socialist-linux-open-source nutballs" do not need to attack MS to survive. That's MS's strategy. They just need to wait.

If "corporate America" really is "brought to its knees", the blame will rest squarely upon the shoulders of those who did not see the warning signs. Blaming the "terrorists" won't get you anywhere.

[lelio]

Blaming the "terrorists" won't get you anywhere.

But it sure makes you feel "mail bomb worthy" (to use a Seinfeld phrase). Terrorists have finally stopped me from getting the high score in FreeCell!