Donate SIGN UP

Why has there been so much press coverage on the Code Red computer virus

00:00 Mon 10th Sep 2001 |

asks Margie

A. In July, the virus hit US computer systems in the White House and the Pentagon - forcing the FBI to issue a statement on the severity of the virus, and to recommend that all businesses install Microsoft's patch to protect their computers. It believed that Code Red would bring the internet to a standstill on August 1, because it had lain dormant on many computers and could kick-start itself at the beginning of a new month, creating widespread havoc on the Internet. This did not happen, however.

Q. Why didn't this happen at the beginning of August

A. It is not clear, but it could mean that many organisations did install patches to prevent infection; that the virus was only programmed to work for one month; or that there was a lot of unfounded hysteria surrounding the virus in the first place.

Q. What is so lethal about this virus

A. It is a 'worm' virus (a worm is self-replicating and eats into a PC, copying itself continuously, using up memory; it can also attach itself to emails and mail an entire address book) that embeds itself on a host computer and uses it as its base to mount attacks on business websites. The damage it does depends on the time of the month�- it carries out different functions at different times. This means that during the first 19 days of the month a computer infected with the Code Red virus will scan the internet looking for other vulnerable computers and infect them. During days 20-27 it then launches denial-of-service attacks on major websites�- this means that it floods a website address with continual requests for access until the site fails under the weight of traffic, and the site crashes. After day 27 the worm becomes inactive, but still remains on your computer.

Q. How do I know if my computer is at risk from the Code Red virus

A. If you use Windows 95, Windows 98 or Windows Me on your PC (or you use an Apple Mac) you are safe from the Code Red virus. However, if you use Windows 2000 or Windows NT, and this runs Microsoft IIS web server software (versions 4.0 and 5.0), then your computer is vulnerable and can be infected.

Q. If my computer is vulnerable, how can I stop it being infected

A. You can install a Microsoft patch onto your computer to stop it being infected, this is available online from:

http://www.microsoft.com/technet/treeview/default.asp url=/technet/itsolutions/security/topics/codealrt.asp.

You should note, however, that only large businesses and multinational corporations have been targeted by the virus, not ordinary PC users. Often if you detect the virus, reboot your computer and install the Microsoft patch�- your PC is completely clean and it only takes half an hour to do this.

Q. Where does the Code Red virus come from

A.� Nobody has claimed responsibility for the virus to date, but recent press coverage states that it has been traced to a university in the Guangdong region of China. The belief that the virus comes from China is backed up by reports that websites that have been targeted by the Code Red virus have been left messages that state "Hacked by Chinese"�- but there is no concrete evidence either way. It is also thought by some that the name Code Red is connected to communist China�- but this is a rather obvious and improbable link.

If you have any other Internet & Technology related questions, please click here

by Karen Anderson

Do you have a question about Technology?