[ISN] Code Red virus probably began in China, GAO official says

From: InfoSec News (isnat_private)
Date: Tue Sep 04 2001 - 02:17:56 PDT

  • Next message: InfoSec News: "[ISN] Kelly demands apology for hacking allegations"

    Agence France-Presse 
    WASHINGTON (September 2, 2001 11:42 p.m. EDT) - The Code Red computer
    virus that gummed up Web servers around the world probably originated
    at a university in China, a congressional report released Friday said.
    The Code Red virus "is believed to have started at a university in
    Guangdong, China," according to Keith Rhodes, the chief technologist
    for the General Accounting Office, Congress' investigative arm of
    Rhodes' testimony was given to a hearing Wednesday and released Friday
    by the GAO. He did not elaborate on the origin of the virus.
    But he said the virus can do damage to the global Internet
    infrastructure because it can "decrease the speed of the Internet and
    cause sporadic but widespread outages among all types of systems."
    He said that "the first version of Code Red created a randomly
    generated list of Internet addresses to infect. However, the algorithm
    used to generate the list was flawed, and infected systems ended up
    reinfecting each other. The subsequent versions target victims a bit
    differently, increasing the rate of infection."
    The so-called Code Red virus is categorized as a "worm" which invades
    servers and overwhelms their memory capacity, shutting them down just
    before the worm is passed to another computer.
    Servers are computers that pass data, such as Web pages and e-mail,
    across the Internet. Individual computers are not vulnerable to the
    Some versions of the Code Red virus targeted attacks on the White
    House Internet server, although officials said no damage was done to
    the site.
    Separately, a California-based research group said over 1 million
    servers were infected by the Code Red virus and that the economic loss
    from the infections was $2.6 billion dollars.
    Computer Economics said the cost of cleaning an inspecting servers was
    $1.1 billion and that $1.5 billion in productivity was lost.
    It figured the total impact of virus attacks around the world for 2001
    has hit $10.7 billion.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Tue Sep 04 2001 - 04:26:24 PDT