LinuxQuestions.org

Old 01-27-2003, 05:19 PM   #1
jamaso
Member
 
Registered: Oct 2001
Location: brasil
Distribution: mdrk 8.0,redht7.1,debianpotato
Posts: 615

Rep: Reputation: 30
systematic flaws


Sorry for doing this again but I just can't help it (hope you understand, and plus sometimes the link isn't there anymore):


As Net attack eases, blame game surges

By Jeordan Legon
CNN

Analysts check the status of the Internet at Web security company Little eArth in Tokyo, Japan.

(CNN) -- An Internet worm that struck thousands of computers this weekend, crashing bank cash machines and snarling Internet
connections, caused limited disruptions as businesses in the United States and Europe fired up their computers Monday.

Some Bank of America ATMs were still out Monday, primarily in the Southeast, a bank spokesman said. And analysts blamed a dip in
South Korea's stock market on the worm taking down most Internet connections in the country over the weekend.

In all, security firms estimated the "Slammer" worm, the worst act of Web sabotage in 18 months, affected tens of thousands of
computers worldwide and caused millions of dollars in losses to Internet-related businesses.

"It was a horrific weekend for people," said Sharon Rousseau, a cashier at a Publix supermarket in Atlanta who could not dispense
cash to frustrated buyers. "We had a lot of upset customers. They couldn't believe something so massive could occur."

Assigning guilt

As experts continued trying to track the source of the attack -- which targeted a known vulnerability in Microsoft's SQL Server
database software -- what became clear is the complexity of creating hack-proof systems.

Software developers warned that Internet users are likely to see many more disruptions as the Internet's reach and consumers'
dependence on it continue growing.

So who is to blame? Well, the clearest targets were the hackers themselves -- who unleashed the worm on the world's computers.

But Microsoft's critics also pointed fingers at the software giant, urging that the company take greater steps to increase software
security.

Others blamed network administrators who failed to install a Microsoft patch that would have prevented the worm from spreading.

And still others blamed the lack of security of the Internet itself, questioning whether businesses and consumers have been too
quick to risk security for the sake of convenience.

"The real threat to the Internet is not from hackers. ... The threat is people and businesses connecting to the Internet in insecure
ways," said Lawrence Baldwin, who runs Internet security firm myNetWatchman.com.

A new system needed?

Baldwin said one way to prevent problems might be to require companies that do business on the Web to use a separate,
yet-to-be-invented "secure Internet" and then connect to the wider Net from behind that barrier.

"Right now, you have an infrastructure that allows anyone to connect without standards," he said. "That creates a major threat.
[Businesses] are exposing services on the Internet that have no business being exposed."

He said he hoped such a system would be embraced by businesses without the need for legislation.

Developers say Microsoft has emphasized launching new products and growing market share at the expense of security.

Because their software runs on the majority of machines around the world, Microsoft has a special responsibility to pay more careful
attention to security, said Andrew Schulman, an expert witness in California's recent class-action suit against the software Goliath.

"Could they be doing more? Clearly," Schulman said. "Part of the problem is that Microsoft has always been oriented toward growth
rather than consolidation. Getting them to say 'Let's take what we do now and make better and more bug free' is a big challenge."

"It would be great for someone to tell them, 'Go back and clean up the whole mess you made.' That would be terrific. But it's not
going to happen."

Microsoft responds

WORM'S EFFECTS

o Customers of the Canadian Imperial Bank of Commerce in Toronto and Bank of America in the United States were unable to withdraw money using ATMs during part of Saturday and into Sunday.
o Korea Telecom Freetel and SK Telecom service failed, stranding millions of South Korean Internet users.
o Internet congestion prevented consumers from contacting Microsoft over the Internet to unlock the anti-piracy features of its latest products, including the Windows XP and Office XP software packages.
o The U.S. departments of State, Agriculture, Commerce and some units of the Defense Department appeared hardest hit among federal agencies.
o Some Associated Press news services and several newspapers were temporarily interrupted.
o Trading volume at the Korea Stock Exchange fell to a 13-month low as investors in the world's most wired country steered away from putting orders through Internet brokerages.

Source: Associated Press

The company itself acknowledges that some of its products are not secure enough.

As part of a high-stakes campaign to convince businesses that Windows software is safe, Microsoft chairman Bill Gates wrote a
1,500-word e-mail last week to about 1 million people.

In it, he put the cost of hacker attacks in 2001 at $455 million and he pledged to make significant improvements.

"New security risks have emerged on a scale that few in our industry fully anticipated," he wrote. "... Microsoft has a
responsibility to help its customers address these concerns, so they no longer have to choose between security and usability."

The most visible changes made by Microsoft include delaying launch of its Windows Server 2003 operating system until April, blaming
delays at least in part on security concerns being addressed by programmers.

The company also spent about $100 million last year to train about 8,500 developers in secure programming, a move that virtually
halted product development. And some inside the company say the firm's culture is changing, giving new respect to security personnel.

Taking responsibility

But Graham Cluley, a senior tech with Sophos Antivirus, said it's easy to take a jab at Microsoft, but much tougher to come up with
answers that will prevent future attacks.

"Any piece of complicated software will have bugs in it," he said. "The important thing is not just that [Microsoft] release good
software, but that also customers listen to them and protect themselves."

In the case of the "Slammer" worm, Microsoft released a patch about six months ago that would have prevented the worm from creeping
in, but many firms failed to install it.

Some may not have found out about the patch. Others may have put off installing it because software patches often cause other
problems for a network and business applications that must then be fixed.

"It's not as easy as installing the patch and you're done," said Baldwin, who has migrated away from Microsoft products. "You have to
make sure the patch doesn't cause other processes in your network to break down."

Making companies accountable

Bruce Schneier, a tech manager at Counterpane Internet Security, said that it's time to consider holding companies legally liable
for the security of their software and networks.

"If you run a computer network and it sets off a virus, you are not held liable," he said. "If you were liable, it would be in your
best interest to make sure that your network is secure. Same thing for software development.

"Microsoft produces software with systematic flaws in it and nothing happens. If they were liable for the actions of their software,
it would be in their best interest to take responsibility ... and not just give lip service."

The one thing that Microsoft, network administrators and front-end computer users all agree on is that the Internet is here to stay.
And this new landscape seems to offer as many conveniences as it does risks.
 
Old 01-27-2003, 05:47 PM   #2
fragged one
Member
 
Registered: Aug 2002
Location: Austin, TX
Distribution: mandrake 9.1
Posts: 98

Rep: Reputation: 15
what is this, the third topic about this worm????

what's wrong with simply posting the link to the article?

crazy.....

Last edited by fragged one; 01-27-2003 at 05:52 PM.
 
Old 01-27-2003, 05:56 PM   #3
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269
I'd have to agree, this has been the top tech story on about every site.

My one little suggestion would be: Install and use Linux or any other OS that doesn't end with dows ( I guess that includes Lindows as well.. hehe ) !
 
Old 02-08-2003, 08:52 PM   #4
jamaso
Member
 
Registered: Oct 2001
Location: brasil
Distribution: mdrk 8.0,redht7.1,debianpotato
Posts: 615

Original Poster
Rep: Reputation: 30
LONDON (AP) -- Two men were arrested Thursday on suspicion of being part of an international group that police blamed for damaging computer systems worldwide through a virus-like Internet worm.
A 19-year-old electrician was held in Darlington, northeastern England, and a 21-year-old unemployed man was in custody in nearby Durham in an
operation involving the U.S. Secret Service, the FBI, the Department of Justice and Britain's National Hi-Tech Crime Unit.

Authorities say the two men are part of an international gang of Internet hackers who call themselves the "THr34t-Krew."

Cracking down

Police say their homes were searched and computers seized, and they were being questioned on Thursday by the Crime Unit.

At the same time, another suspected hacker base was searched in Illinois and more computers found, they said.

Police say an Internet worm created by THr34t-Krew several years ago has now infected about 18,000 computers worldwide.

Last month, a different worm, dubbed "Slammer" or "Sapphire," struck hundreds of thousands of computers, clogging Internet pipelines and slowing
traffic for Internet users.


=--==---===--=========================================


Worm spread worldwide in 10 minutes
_________________________________________________________________


SEATTLE, Washington (Reuters) -- It only took 10 minutes for the SQL
Slammer worm to race across the globe and wreak havoc on the Internet
two weeks ago, making it the fastest-spreading computer infection ever
seen, researchers said on Tuesday.

The worm, which nearly cut off Web access in South Korea and shut down
some U.S. bank teller machines, doubled the number of computers it
infected every 8.5 seconds in the first minute of its appearance, said
a computer security research group led by the Cooperative Association
for Internet Data Analysis.

By comparison, the Code Red worm -- which came 18 months earlier --
only doubled every 37 minutes.

"We were pretty surprised by how quickly it spread," said David Moore,
a senior technical manager at CAIDA. "This is the fastest we've ever
seen something spread like this."

Stopping traffic

The worm, which exploited a flaw in Microsoft Corp.'s SQL Server
database software, caused damage by rapidly replicating itself and
clogging the pipelines of the global data network.

The tiny malicious program, which was also known as Sapphire, did not
erase data or cause damage to desktop computers, but was designed to
replicate itself so fast and so effectively that no other traffic
could get through networks.

"The Sapphire worm's scanning technique was so aggressive that it
quickly interfered with its own growth," CAIDA said in a report.

Hardest hit

The United States and South Korea were hardest hit by SQL Slammer,
CAIDA said, making up 43 percent and 12 percent of the victimized
computers.

"Though very simple, Sapphire represents a significant milestone in
the evolution of computer worms. Although it did not contain a
destructive payload, Sapphire spread worldwide in roughly 10 minutes
causing significant disruption of financial, transportation, and
government institutions," the CAIDA report said.

"It clearly demonstrates that fast worms are not just a theoretical
threat, but a reality -- one that should be considered a standard tool
in the arsenal of an attacker."
_________________________________________________________________
 
  

