CNN.com - Transcripts

Transcript Providers

Return to Transcripts main page

CNN Live At Daybreak

Code Red Worm Threatens Internet Security

Aired July 31, 2001 - 08:01 ET

THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.

THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
COLLEEN MCEDWARDS, CNN ANCHOR: A computer alert: If you use a computer, chances are that you will encounter a worm sometime today. It is called "Code Red." Not every computer will be affected, but as CNN's James Hattori reports, you are likely to see the effects if you are online.

(BEGIN VIDEOTAPE)

JAMES HATTORI, CNN CORRESPONDENT (voice over): Unlike a computer virus, which typically comes attached to an e-mail and must be opened, the Code Red worm hidden from the user scans the Internet looking for vulnerable computers -- in this case, Web servers using Microsoft Windows NT or 2000 and Internet information services software.

UNIDENTIFIED MALE: It breaks into one server. From there, that one server can break into thousands of other servers. And each of those servers, once infected, propagates itself. So it grows geometrically at a very rapid pace.

HATTORI: The Code Red worm first surfaced July 19 spreading quickly. It also attempted a denial-of-service attack or overload on the White House Web page.

Other Web sites were actually defaced with the words "hacked by Chinese." Some experts think the worm's author was sounding a wake-up call about lax security on the Net.

CHAD HARRINGTON, ENTERCEPT SECURITY TECHNOLOGIES: They didn't have a lot of malicious intent, but wanted to show it could be done.

HATTORI: The latest version of the worm is programmed to spread during the first 20 days of August starting Tuesday night, but it is completely preventable. Microsoft is offering a free software patch on its Web site.

RONALD DICK, NATIONAL INFRASTRUCTURE PREVENTION CENTER: If users act quickly, we could mitigate much of the potential damage from this worm.

HATTORI (on camera): After passing through servers like this around the world, the worm has already mutated twice. And experts worry that the next version may be written in a way to not only tie up the Internet, but actually damage infected computers.

James Hattori, CNN, San Francisco.

(END VIDEOTAPE)

CAROL LIN, CNN ANCHOR: All right. So what do you need to do to protect yourself from code red?

Well, take a look at this. Computers most at risk are using Windows 2000 or NT or Microsoft IIS. If you are using Windows 95, 98 or Millennium Edition, you don't need to worry. The worm shouldn't bother your PC.

But Daniel Sieberg from CNN Interactive has some gardening tips this morning to help us worm this whole thing out.

Good morning, Daniel.

DANIEL SIEBERG, CNN INTERACTIVE: Good morning, Carol.

LIN: Did I get through that list OK?

SIEBERG: Yes, absolutely.

LIN: All right.

SIEBERG: And the reason that that's important to mention is that most personal users -- most home computer users aren't going to be vulnerable to this particular worm.

LIN: Right.

SIEBERG: It's the corporations, it's the businesses, it's the ones running the networks that are the ones that have to protect themselves with this patch.

LIN: But if we log on and we're trying to get onto a Web site, we might have trouble, or we might see something we're not familiar with. So at least everybody might come into contact one way or the other.

SIEBERG: Exactly. It could slow down Web traffic so much, because it's trying to replicate itself. It is using up bandwidth essentially.

LIN: It's fascinating.

SIEBERG: Right.

LIN: All right. James Hattori was talking about a patch. When I think of a patch, I am -- like a patch. What is a patch?

SIEBERG: Right. A patch is like a patch on your arm. It's something that would heal a vulnerability in a computer is what it is. So in this case, these network companies, these servers, they need this patch to eliminate the vulnerability in their computer. So that when the worm tries to get in, it can't get in.

LIN: How is this thing traveling? It's different than a virus, right?

SIEBERG: It is different than a virus, which you might see in your e-mail. In this case, you won't see it. It actually goes out through the Internet trying to find computers that match this profile.

LIN: And it's moving pretty quickly.

SIEBERG: It's moving very quickly. In fact, I'll show you how quickly it can go. We've got a map here that should demonstrate how fast it can go. In terms of its distribution, it spread...

LIN: So the red dots?

SIEBERG: The red dots are where it starts. And then as it finds more computers that match this profile, it spreads out across the Internet literally across the world. So sites that you may want to try and get into are going to be slowed down. The traffic will be immense.

LIN: That's amazing. I heard potentially 500,000 computers a day.

SIEBERG: Exactly. In fact, the last time it was about 250,000 in nine hours, which is a very, very rapid rate.

LIN: That's remarkable. All right. If you don't need a patch, are there -- or you can't get to a patch -- you don't know how to get one -- are there simple ways that you can protect yourself?

SIEBERG: Well, home users will probably not have to protect themselves too much. They are going to experience the slowed-down traffic. They may not get to their favorite site. e-commerce could be affected and that sort of thing.

Now, these companies do need to go out and get the patch. There is a very concerted effort in this case between the government and private industry to really battle this particular worm that's going around, because they know when it's going to start. It is supposed to start sometime tonight. So they have time to prepare, to go out and make sure they have everything in place to stop it from spreading.

LIN: But I heard, you know, despite all this drama about getting the patch and, you know, making all the right corrections there that all you have to do is reboot, just turn off your computer.

SIEBERG: Right. Well, that's something that the companies have to do first. First they need to reboot. It takes it out of memory. It doesn't exist from the hard drive. It only exists in memory. Once they reboot, it's out of memory, but they also need the patch to protect themselves from this next outbreak. So it's not just a matter of rebooting. There is this next step that they have to go through as well.

LIN: In some programs, you have to reboot, not just once but several times. SIEBERG: That's right. It's never enough just to do it once. It's always good to do it, because it's almost like cleansing out your system is sort of what you are doing. And in this case, they are really not sure if it could be worse. There could be a mutation. In this case, it could be damaging. They just don't know. There's a lot of guessing games going on -- sort of a wait and see, brace for the worst, hope for the best is what they are doing right now.

LIN: Well, rebooting for me has always been the solution to everything.

SIEBERG: Right.

LIN: Any problem I have ever had.

SIEBERG: Right.

LIN: Thank you so much, Daniel Sieberg. All right.

Well, you can find the latest code red information on our Web site, CNN.com.

TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com.