US warns of new Internet attacks
WASHINGTON: Government and private cybersecurity experts warned Thursday that the Internet could come under attack from a new virus similar to last month’s Blaster worm in the wake of a new Windows flaw revealed by Microsoft.
In an advisory late Wednesday, the Department of Homeland Security’s cybersecurity division warned of a “potential for significant impact on Internet operations” as a result of the vulnerability disclosed by the software maker. Microsoft earlier announced the so-called “critical” security problem, similar to one revealed last month that allowed the Blaster worm to spread, affecting most versions of Windows in current use. The flaw “could allow an attacker to remotely compromise a computer running Microsoft Windows and gain complete control over it.”
Microsoft urged computer users to install an update or “patch” that would correct the problem. The company said it was not aware of any virus or worms aimed at exploiting the flaw. But based on experience, many experts predicted that a virus or “exploit” would be circulated on the Internet. Depending on the way the virus is written and how it is spread, it could slow computer networks and Internet traffic.
The tech security firm Symantec said that because the new flaw is similar to the one uncovered in July, it believes that “active exploitation and creation of Internet worms targeting this vulnerability is imminent.” British-based security firm Sophos also called the flaw a serious threat and said computer network administrators and others should quickly patch their systems. “The security hole could be exploited by hackers or a future Internet worm,” Sophos stated in a bulletin Thursday. “There is simply no excuse for IT managers at companies running Microsoft Windows not to already know about this serious security issue,” said Graham Cluley, senior technology consultant for Sophos.
Failing to update systems “is showing a disturbing disregard for the safety of your business systems,” he said. The Department of Homeland Security said it “believes that exploits are being developed” and could spread rapidly because the overwhelming majority of personal computers use the Windows operating system. “DHS is concerned that a properly written exploit could rapidly spread on the Internet as a worm or virus in a fashion similar to the Blaster Worm,” the advisory said.
The flaw affects Windows NT version 4.0, Windows 2000, Windows XP and Windows Server 2003. In August, the Blaster worm — also known as “Blaster, “LovSan” and “MSBlast” — crashed tens of thousands of computers and slowed Internet traffic. US authorities later charged an 18-year-old in connection with the spread of the “Blaster” virus, although they said he was not the original author but had modified the worm to make it more dangerous. —AFP