[LINK] Australia "worst hit" by worm's resurgence

From: Bernard Robertson-Dunn (brd@austarmetro.com.au)
Date: Fri Aug 03 2001 - 11:18:34 EST

Next message: Anthony Healy: "RE: [LINK] Media coverage of Code Red"
Previous message: Roger Clarke: "(Non-)Archival of News [Was RE: [LINK] Media coverage of Code Red]"
Next in thread: Adam Todd: "Re: [LINK] Australia "worst hit" by worm's resurgence"
Reply: Adam Todd: "Re: [LINK] Australia "worst hit" by worm's resurgence"
Maybe reply: Auer, Karl James: "RE: [LINK] Australia "worst hit" by worm's resurgence"
Reply: Michael Still: "Re: [LINK] Australia "worst hit" by worm's resurgence"
Maybe reply: Chirgwin, Richard: "RE: [LINK] Australia "worst hit" by worm's resurgence"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Australia "worst hit" by worm's resurgence
By Rachel Lebihan, ZDNet Australia
02 August 2001
http://www.zdnet.com.au/news/breakingnews/story/0,2000020826,20252341,00.htm

The virulent Code Red worm continues its march with statistics indicating
Australia could be worst hit by the latest round of infections.

Contrary to earlier predictions that the worm had been stamped out, it is
actually on the rampage, according to e-security provider Janteknology. "It
appears Code Red is on the rampage…there has been an increase to the
rolling seven-day attack [of all malicious] incidents," Janteknology's
Glenn Miller told ZDNet.

According to statistics which Miller sourced from security monitoring
company securityfocus.com, Australia has seen the greatest increase in its
rolling seven-day incident numbers, with 64,000 incidents reported here by
1 p.m Thursday, double yesterday's 30,000-plus figure, according to Miller.
And the number one attack type is the ASAPI Buffer Overflow, which is what
the Code Red exploits.

"A reasonable percentage of that will be attributable to Code Red," Miller
said. "Either that or there's a hell of a massive movement of malicious
code out there…and that doesn't make sense."

Janteknology itself has been the target of 52 probes in the past 24 hours,
all of which have been Code Red probes, the company says. On average, the
company experiences some four or five probes a day -- none of which have
been Code Red in the past few days -- and is now getting four or five Code
Red probes an hour.

"Australian organisations could well be the least protected in the world,
in light of the reported surge in local attacks, compared with the US and
Europe -- which are holding steady -- and Africa and South America, which
have seen a reduction in attacks," Janteknology said in a statement.

Symantec said it couldn't confirm Janteknology's findings. "There's
speculation that there's another variant out there," Symantec
representative David Banes said. "Or it could be existing copies [of the
worm] that haven't been cleaned up."

-- You're using a keyboard! How quaint! -- unknown

Regards brd

Bernard Robertson-Dunn Canberra Australia brd@dynamite.com.au brd@austarmetro.com.au

Next message: Anthony Healy: "RE: [LINK] Media coverage of Code Red"
Previous message: Roger Clarke: "(Non-)Archival of News [Was RE: [LINK] Media coverage of Code Red]"
Next in thread: Adam Todd: "Re: [LINK] Australia "worst hit" by worm's resurgence"
Reply: Adam Todd: "Re: [LINK] Australia "worst hit" by worm's resurgence"
Maybe reply: Auer, Karl James: "RE: [LINK] Australia "worst hit" by worm's resurgence"
Reply: Michael Still: "Re: [LINK] Australia "worst hit" by worm's resurgence"
Maybe reply: Chirgwin, Richard: "RE: [LINK] Australia "worst hit" by worm's resurgence"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.1 : Fri Aug 31 2001 - 03:10:02 EST