As a computer virus named SoBig.F swamped e-mail inboxes, wreaking havoc on individual PC's and corporate computer systems, computer security experts around the world spent a tense day trying to stop a more potentially serious electronic time bomb from going off: SoBig carries an attachment that, if opened, instructs the infected computer to communicate with one of 20 host PC's that, most likely unknown to their owners, were planted with a mystery program.

But the experts did not know what would then happen to the infected machines, or what instructions they would be given. And so the race was on to find the 20 computers and isolate them from the rest of the Internet before they could potentially send out more malicious instructions to millions of computers. The time of the first attack was to be 3 p.m. Eastern time... on Thursday [21 August 2003]....

By 3 p.m. on Thursday, after working around the clock... a team of security sleuths with F-Secure, a computer security company in Helsinki, Finland, that sells antivirus software... had decrypted the computer code. What they found was a list of 20 Internet Protocol, or I.P., addresses, linked to home computers in the United States, Canada and South Korea.

Further, they discovered a new twist. At 3 p.m. yesterday, tens of thousands of computers already infected with SoBig were supposed to connect to those 20 computers, using them as mere go-betweens, to retrieve a list of Web addresses. Once they were obtained, the machines infected with SoBig were supposed to download a program from those addresses.

What was supposed to happen after that no one knew, because "we stopped it," said Tony Magallanez, a systems engineer at F-Secure in San Jose.

To mitigate the threat, F-Secure engineers notified both the F.B.I. and the Internet service providers connected to the 20 computers. The addresses were then removed from the network by the Internet companies. In addition, the large telecommunications companies that provide the backbone for the Internet could have interceded and blocked all communication to those specific Internet addresses....

[C]omputer experts, in collaboration with Internet service providers and law enforcement agencies around the world, declared a partial victory: they were able to decrypt the virus's software, find the 20 computers and take at least 17 offline. The Federal Bureau of Investigation also served a subpoena to an Internet service provider in Phoenix that the authorities say could be the source of the virus.

And though the experts feared the host computers might give out catastrophic instructions, like telling the infected machines to erase their hard drives or begin new attacks, Symantec Security Response, a team within the Symantec Corporation, the Internet security company, said the remaining three host machines had simply redirected computers to a pornographic Web site. It is not known whether the other 17 would have performed similarly.

"The people who are in charge have sidestepped another attack or the potential for bad things to happen," said Jimmy Kuo, a research fellow at Network Associates, another Internet security company....

--Katie Hafner and Kirk Semple, "Fearing PC Havoc, Gumshoes Hunt Down a Virus", The New York Times, 23 August 2003, p. A1.
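The two-stage retrieval the article describes (infected hosts contact a go-between at the trigger time, then download a program from the addresses it hands back) is the kind of pattern a network defender would hunt for in flow logs once the go-between addresses are known. The following is an added example, not part of the NYT article or of F-Secure's work; the staging addresses are RFC 5737 placeholders, the one-hour window is an assumption, and the log lines are constructed.

```python
# Added example: triage for the staged retrieval the article describes.
from datetime import datetime, timedelta, timezone

# PLACEHOLDERS (RFC 5737 documentation ranges), not the real 20 go-between
# addresses F-Secure recovered from the decrypted code.
STAGING_HOSTS = {"192.0.2.10", "198.51.100.7", "203.0.113.99"}

# Trigger per the article: 3 p.m. Eastern, Thursday 21 August 2003 (EDT = UTC-4).
TRIGGER = datetime(2003, 8, 21, 15, 0, tzinfo=timezone(timedelta(hours=-4)))
WINDOW = timedelta(hours=1)  # assumption: one hour either side of the trigger

# Constructed flow log: "<ISO-8601 timestamp> <src> <dst> <dst port>".
SAMPLE_LOG = """\
2003-08-21T11:15:00-04:00 10.1.9.3  192.0.2.10     8998
2003-08-21T14:58:12-04:00 10.1.4.22 192.0.2.10     8998
2003-08-21T15:00:03-04:00 10.1.4.22 198.51.100.7   8998
2003-08-21T15:00:05-04:00 10.1.7.9  203.0.113.99   8998
2003-08-21T15:10:00-04:00 10.1.5.5  198.51.100.200 80
2003-08-21T15:41:30-04:00 10.1.4.22 198.51.100.200 80
2003-08-22T15:00:01-04:00 10.1.2.2  203.0.113.99   8998
"""

def parse_flows(text):
    """Parse log lines into (timestamp, src, dst, dport) tuples, oldest first."""
    flows = []
    for line in text.splitlines():
        if line.strip():
            ts, src, dst, dport = line.split()
            flows.append((datetime.fromisoformat(ts), src, dst, int(dport)))
    return sorted(flows)

def find_staged_downloads(flows, staging=STAGING_HOSTS, trigger=TRIGGER, window=WINDOW):
    """Return {src: {"first": ts, "stage1": [go-betweens], "stage2": [downloads]}}.
    stage1: staging hosts contacted within `window` of the trigger (the
            'retrieve a list of Web addresses' step).
    stage2: non-staging destinations the same host then reached on port 80
            within `window` of its first stage-1 contact (candidate downloads)."""
    hits = {}
    for ts, src, dst, _ in flows:
        if dst in staging and abs(ts - trigger) <= window:
            entry = hits.setdefault(src, {"first": ts, "stage1": [], "stage2": []})
            entry["stage1"].append(dst)
    for ts, src, dst, dport in flows:
        entry = hits.get(src)
        if (entry and dst not in staging and dport == 80
                and entry["first"] <= ts <= entry["first"] + window):
            entry["stage2"].append(dst)
    return hits
```

Any contact with a staging host is worth review regardless of time; the window only narrows the search to the trigger the article describes, and the stage-2 list is where the "download a program" step would surface.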