DHS Warns Of Internet Attacks
The National Infrastructure Protection Center has issued this update to an earlier warning about Windows:
The DHS/Information Analysis and Infrastructure Protection (IAIP) National Cyber Security Division (NCSD) is issuing this advisory in consultation with the Microsoft Corporation to heighten awareness of potential Internet disruptions resulting from the possible spread of malicious software exploiting a vulnerability in popular Microsoft Windows operating systems.
DHS expects that exploits are being developed for malicious use...SEVERAL WORKING EXPLOITS ARE NOW IN WIDESPREAD DISTRIBUTION ON THE INTERNET. THESE EXPLOITS PROVIDE FULL REMOTE SYSTEM LEVEL ACCESS TO VULNERABLE COMPUTERS...AN INTERNET-WIDE INCREASE IN SCANNING FOR VULNERABLE COMPUTERS OVER THE PAST SEVERAL DAYS REINFORCES THE URGENCY FOR UPDATING AFFECTED SYSTEMS.
Here's the deal: scanning software is readily available for the "script kiddies" to download and start probing for vulnerable systems. In a matter of minutes, I could scan my ISP's network or that of another provider and find lots of users whose systems are wide open (I've done this as a security professional). Frankly, most Internet users are not all that savvy when it comes to computer security, and they represent a weak link--once I find them and take advantage of this announced flaw, I can load and run software from their machines to do whatever I want.
One popular form of attack is known as Distributed Denial of Service (DDoS). As the name suggests, I can do a variety of things (e.g., flood a computer with bogus computer messages) to bog down and/or crash a machine, thus denying service to legitimate users. That's become more difficult to do with a single hacker computer, but I can enlist unwitting participants to launch my attack from hundreds or thousands of computers at once, which is difficult to block. So I scan a network with an automated tool, install a "zombie" agent program that will do my bidding on all the exposed machines I find, and once I've got enough in my virtual army I send a command to them and they will attack whatever network or computer I desire. You might recall a spate of highly publicized attacks on the likes of eBay and Amazon and CNN back in 2000. That could happen again.
Do us all a favor and get your machine in tip-top shape. If you don't know how to do that, ask your IT administrator or ISP to help.