DoD Poised to Defend Against 'Code Red' Virus
By Jim Garamone
American Forces Press Service
WASHINGTON, July 31, 2001 DoD is poised to defend department computer networks from a revival of the Code Red "worm" virus, DoD officials said July 31.
"Our Joint Task Force for Computer Network Operations is monitoring all of our networks very closely," Pentagon spokesman Rear Adm. Craig Quigley said.
The Code Red virus is likely to start spreading again on July 31 at 8 p.m. Eastern time, said officials at the National Infrastructure Protection Center. The virus has mutated, so it may be even more dangerous. This spread has the potential to disrupt business and personal use of the Internet for applications such as electronic commerce, e- mail and entertainment, FBI officials said.
Quigley said the department has been "largely successful" in putting in patches to combat the virus. "We're confident we have most of them covered," he said. "You never say 'never,' never say you're perfect, so we'll be watching very closely, and we have the ability to take further precautionary measures should we see that one or more of the military networks has been affected by the worm."
U.S. Space Command officials said commands and agencies at all levels within DoD are taking prudent measures to protect DoD information. "We are not speculating on operational measures we will take to protect these resources," said an official. "We are actively monitoring the situation."
The worm originally attacked on July 19. Joint task force officials spotted the attack and ordered publicly accessible military Web sites to cut their connections to the public. DoD network administrators worked to install patches against the worm and DoD networks went back on line July 24.
The worm infected more than 250,000 systems in just nine hours. It scans the Internet, identifies vulnerable systems, and infects those systems by installing itself, according to the National Infrastructure Protection Center. Each newly installed worm joins all others, causing the rate of scanning to grow rapidly. This uncontrolled growth directly decreases the speed of the Internet and can cause sporadic, widespread outages among all types of systems.
Organizations using Microsoft Windows NT or Windows 2000 systems and IIS Web server software may be vulnerable. Windows 95, Windows 98 or Windows Me are not affected by the Code Red worm.