Bernhard Warner
LONDON: The spread of the Code Red computer worm showed signs of peaking on
Friday, although security experts warned the IT community not to drop its guard.
"Basically, it's reaching its peak now," Andre Post, a senior research
adviser for Dutch security software maker Symantec Corp, told Reuters on Friday.
"I expect it to slow down a bit more."
There still have been no confirmed reports of Code Red infesting computers in
Europe. However, security experts believe the continent hasn't been spared
completely. "I'm sure there are some small companies that have ignored the
media warnings" and neglected to fortify their computers against invasion,
said Post.
The contagion appeared to slow in Asia too. Japan's Information-Technology
Promotion Agency reported a case of a single confirmed infection on Thursday
night, and one failed attempt.
As of 1300 GMT on Friday, data from the US-based System Administration,
Network and Security (SANS) Institute had reported that there were an estimated
293,000 cases worldwide since the worm once again woke up on August 1. The
majority of the cases appear to be in the United States. In its first round last
month, Code Red infected some 350,000 servers.
Keynote Systems, a San Mateo, Calif.-based firm that tracks Internet
performance, reported Thursday night that overall Internet speed had not
degraded this week. Meanwhile, a more virulent bug, Sircam, which has been
obscured by the media coverage around Code Red, also appeared to be waning in
intensity.
Raimund Genes, of Internet security firm Trend Micro, said the firm had
downgraded Sircam to "low risk" on Friday. It had been the most active
computer virus in July.
Security sites make merry
Meanwhile in New York, traffic to computer security sites is soaring as recent
viruses have proliferated the Web and have hit corporate systems, according to
leading Internet audience measurement service Nielsen//NetRatings. Traffic to
Symantec.com (http://www.symantec.com) and McAfee.com (http://www.mcafee.com)
have spiked in the past four weeks as office workers try to learn more about
virus protection from "Code Red" and "Sircam" worms.
More than 1.2 million unique visitors at-work logged onto Symantec.com during
the week ending July 29, skyrocketing more than 56 per cent from 808,000
visitors the previous week. Thirty percent of the site's audience accessed the
page featuring security updates about the Sircam worm virus. Traffic to the site
has surged 122 per cent during the past four weeks.
Traffic to McAfee.com jumped 37 per cent, with 1.1 million visitors accessing
the site, compared with 839,000 visitors the previous week. Nearly 17 percent of
McAfee's audience visited the Sircam worm virus help center. McAfee.com's
visitors have increased 125 per cent during the past four weeks.
"These sites offer security updates and software that are easy to
download and assure surfers that they can combat against the latest attacks
spreading through the Internet," said Betty Cho, Internet analyst,
NetRatings.
This week's traffic to Microsoft.com is expected to rise significantly as the
Code Red worm hit again July 31, according to Nielsen//NetRatings. The site
supplies a virus patch for Windows NT and 2000 users. Nielsen//NetRatings
measures and reports Internet audience behavior based on data collected from
62,000 home users and 8,000 at work users in the U.S and 155,000 international
users.
(C) Reuters Limited 2001.